The Romito.corp and Sovern.corp domains have a transient trust between them, allowing user authentication across domains.
1. Open Active Directory Domains and Trusts
2. Right click on the current domain in the tree on the left, select “New Trust”
3. Enter the DNS name of the trusted domain
a. Forest Trust
b. Select “Both this domain and the specified domain”
4. Enter Administrative credentials of the trusted server when prompted
Group Policy Objects
Both Sovern.corp and Romito.corp have a number of policies applied to each user and computers. We have also implemented a custom firewall policy for each machine in both domains to allow for the deployment and upgrading of AV clients in each domain. These firewall policies allow for communication…show more content… Create a conditional forwarder for each DNS server
Right click on Conditional Forwarder in DNS Manager
Select “New Conditional Forwarder”
Add the IP address of the other domain’s DNS server
DHCP Settings
Both AndNet and EdNet have designated DHCP servers responsible for IP address assignments. AndNet_WServer12_DC (Ohio) and EdNetWin2012Services (Pacific) are the primary DHCP servers on the networks respectively.
The front end GUI, Firewall located in Applications -> Sundry -> Firewall, was used to configure Firewalld. This firewall daemon was chosen over IPTables because it provides greater flexibility in configuration, including the ability to change settings without the need to restart the service and it does not completely wipe the rule database to reload new rules every time it is loaded. Firewallld provides for better confidence and efficiency in configuration settings.
All Red Hat Enterprise Linux machines are configured to allow only connections related to services currently running on the machine to be allowed. All other requests will be dropped, but any responses to requests issued by the server itself, such as DHCP or DNS, will be allowed through.
EdNetRHWiki – HTTP, SMTP and HTTPS are allowed
EdNetRHServices – Kerberos is
