I wanted to know if there is a work-around for the following issue:
3 - firewall sites stand alone, 3 subnets, VPN's between subnets, 1 domain, win2k native mode, 1 PDC emulator 2 BDC emulators
If a secure remote user connects to only 1 site (where BDC emulator is located), with secure remote, it appears
that the BDC emulator tells the secure remote client that it needs to re-direct the Kerberos ticket request to the
PDC emulator. If the secure remote client does not have a site/connection to where the PDC emulator is
located the Kerberos ticket request is never authorized.
Is there a way to force the BDC emulator to connect to the PDC emulator to locally fulfill the Kerberos request - without
trying to have the client access the site with the PDC emulator?
3 - firewall sites stand alone, 3 subnets, VPN's between subnets, 1 domain, win2k native mode, 1 PDC emulator 2 BDC emulators
If a secure remote user connects to only 1 site (where BDC emulator is located), with secure remote, it appears
that the BDC emulator tells the secure remote client that it needs to re-direct the Kerberos ticket request to the
PDC emulator. If the secure remote client does not have a site/connection to where the PDC emulator is
located the Kerberos ticket request is never authorized.
Is there a way to force the BDC emulator to connect to the PDC emulator to locally fulfill the Kerberos request - without
trying to have the client access the site with the PDC emulator?