Announcement

Collapse
No announcement yet.

How to differentiate one AD site from the rest of the domain

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • How to differentiate one AD site from the rest of the domain

    We have a location in our environment which our company has sold. I'm looking for an effective (meaning easy/fast) way as possible to separate this one site from the rest of our domain for temporary period of time before the site will be completely removed.

    Site is individual site in active directory and has domain controller and multiple workstations.

    I need to achieve a situation where workstations in location can still work as before in their own environment but the AD site would be detached from the rest of the domain.

    This is temporary until the systems will be completely separated from our domain and I just need a temporary solution to make sure this location can continue working normally in domain but they have no access to other resources than their own domain controller.

    There are several things to think of here (DFS replication etc.) but is there a nice way to kind of block this one AD site from the domain without completely removing it yet?

    Thanks in Advance.

    Br,
    Vesa

  • #2
    Re: How to differentiate one AD site from the rest of the domain

    you could firewall them off. but that would depend on the timeline until such time as you could do a proper directory segregation...

    just get yiour planning under way quick smart to separate the directories
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

    Comment


    • #3
      Re: How to differentiate one AD site from the rest of the domain

      So simple that it didn't even cross my mind

      In addition I have one problem. Users will need access to one terminal server which will create potential gateway to other resources. Any best practice methods for making sure that users are able to only use the TS program they need and not use the terminal server as a gateway to access other resources would be appreciated. Hor now im thinking about just using GPO to restrict running cmd/explorer.exe etc services from terminal server so users can only open this spesific software they use.

      Br,
      Vesa

      Comment

      Working...
      X