Dear team,
I have three Active Directory servers.
1) ad-a (primary domain controller)
2) ad-b (secondary domain controller)
3) ad-c (domain controller placed in the DMZ)
I want my VPN-connected users to communicate with my third Active Directory server, which is placed in the DMZ. I need VPN users to change their password by pressing the Alt+Ctrl+Delete keys, but they can't change the password, because it is communicating with the primary AD only.
For VPN users, we have not allowed any communication with the primary and secondary AD from our firewall. We have only given communication from the Active Directory server which we placed in the DMZ region. But when we try to change the password, it tries to communicate with the primary AD automatically. I can see that traffic in my firewall.
I can update group policy, but I cannot change the user password.
What would be the reason, and how can we resolve the issue?
I hope you understand the issue. Your assistance will be appreciated.