Consider following scenario:
Domains: euro.global.com, asia.global.com, apps.global.com, global.com(empty root)
AD Sites: Site 1 and Site 2
Trusts: two way Shortcut between all child domains
Site 1 hosts Dcs for all four domains.
Site 2 hosts DCs for asia.global.com and apps.global.com
There is a firewall between Site 1 and Site 2. From AD perspective, firewall has been set to allow only DC to DC traffic between Site 1 and Site2.
Now in order to allow a user account in euro.global.com domain to logon to a machine in site 2 (which does not host a DC for euro.global.com), do I need to allow the machines in Site 2 to communicate with DCs in Site 1?
Thanks,
Sohail
Domains: euro.global.com, asia.global.com, apps.global.com, global.com(empty root)
AD Sites: Site 1 and Site 2
Trusts: two way Shortcut between all child domains
Site 1 hosts Dcs for all four domains.
Site 2 hosts DCs for asia.global.com and apps.global.com
There is a firewall between Site 1 and Site 2. From AD perspective, firewall has been set to allow only DC to DC traffic between Site 1 and Site2.
Now in order to allow a user account in euro.global.com domain to logon to a machine in site 2 (which does not host a DC for euro.global.com), do I need to allow the machines in Site 2 to communicate with DCs in Site 1?
Thanks,
Sohail