General discussion

Locked

Proxy Server 2.0 and BDCs

By JLCampbell ·
I recently installed a new Proxy Server on my network. I set it up on it's own server, with IIS 4.0 running of course, and made it a PDC of it's own domain. Then I setup a one-way trust between the two domains so that the DMZ trusts the main domain, but the main domain does not trust the DMZ. Then I tried to install the WSP Client on all PC's within the company. I soon found out that the two Win NT 4.0 Servers that are on remote WANs, and setup as BDC's for the main domain, could not see the new proxy server or the DMZ. What could cause this problem? I can't even see the New server in order to install the client! Please help.

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

Proxy Server 2.0 and BDCs

by wirejockey In reply to Proxy Server 2.0 and BDCs

Sounds like you might have a routing problem. Is the Proxy box on the same physical network? I can't help you beyond that, but I'm curious why you would create a new domain. I run proxy on a standalone server within my domain, simple and effective. Good Luck!

Collapse -

Proxy Server 2.0 and BDCs

by JLCampbell In reply to Proxy Server 2.0 and BDCs

Poster rated this answer

Collapse -

Proxy Server 2.0 and BDCs

by JLCampbell In reply to Proxy Server 2.0 and BDCs

Point value changed by question poster.

Collapse -

Proxy Server 2.0 and BDCs

by Gregory W. Smith In reply to Proxy Server 2.0 and BDCs

I actually recommend the seperate domain; therefore if the proxy machine is ever compromised, is does not have access to the domain with useful data within. This configuration has also been recomended by Windows NT Magazine (Now Windows 2000 Magazine) when reviewing how to secure a proxy.

Now, on to the problem at hand. In the most basic sense, remote BDC's in a domain cannot access the PDC of a trusting domain.

Why could this happen? Well, if the BDC's were not logged off and back on, the security token *might* not be allowing access - but this is unlikely.

You have a WAN, and seem to be setting things up well, so I will speculate on the WAN design. (correct me if I'm wrong)

The remote site BDC's have WINS and maybe DHCP. Remote WAN clients use their local WINS as the main, and the central WINS server as the backup. Am I right?

Now, even if the proxy was configured pointing to your central WINS server's address, the BDC's point to themselves and replicate from the central server. (right?)

So from a BDC, you *could* PING the Proxy.

If you force a WINS Replication, I bet it works right away. Otherwise, you will probably close this thread in a few days, saying "Well, it works now. A shame those guys couldn't tell me why it didn't then" :)

Email me if you need additional info or have additional for me.

Collapse -

Proxy Server 2.0 and BDCs

by JLCampbell In reply to Proxy Server 2.0 and BDCs

Poster rated this answer

Collapse -

Proxy Server 2.0 and BDCs

by JLCampbell In reply to Proxy Server 2.0 and BDCs

This question was closed by the author

Back to Windows Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums