What's the business rationale for a SQL cluster in the DMZ?
*ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker> *Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market…* * GPG: *1AF3 EEC3 7C3C E88E B0EF 4319 8F28 A483 A182 EF3A On Thu, Nov 26, 2015 at 4:16 AM, Haritwal, Dhiraj < dhiraj.harit...@ap.sony.com> wrote: > Hi, > > > > Saw on a blog that we can create failover cluster on Windows server 2016 > on a workgroup environment which doesn’t require domain login & will test > that. meanwhile looking for your feedback incase somebody is using foc on a > workgroup environment with Win2K12 r2 or using foc on DMZ with domain > access from Internal LAN. Would like to know what security measures you are > using for such setup. > > > > > > > > Dhiraj > > > > > > > > > > *From:* listsadmin@lists.myitforum.com [mailto: > listsadmin@lists.myitforum.com] *On Behalf Of *Haritwal, Dhiraj > *Sent:* 24 November 2015 19:13 > *To:* ntsys...@lists.myitforum.com > *Subject:* [NTSysADM] SQL Failover Cluster in DMZ > > > > Hi, > > > > I have to build SQL 2014 Failover cluster in DMZ where ADDS is on Internal > Network & would like to know what best practises others are using to extend > Internal LAN to DMZ for AD Authentication. Some threads talking to use RODC > for such scenarios but Cluster AD account require Create Computer objects & > read all properties access on domain. > > > > Any suggestion/real world experience is greatly appreciated. > > > > > > Regards, > > > > Dhiraj > > > ------------------------------ > > > This email is confidential and intended only for the use of the individual > or entity named above and may contain information that is privileged. If > you are not the intended recipient, you are notified that any > dissemination, distribution or copying of this email is strictly > prohibited. If you have received this email in error, please notify us > immediately by return email or telephone and destroy the original message. > - This mail is sent via Sony Asia Pacific Mail Gateway.. > > ------------------------------ > > This email is confidential and intended only for the use of the individual > or entity named above and may contain information that is privileged. If > you are not the intended recipient, you are notified that any > dissemination, distribution or copying of this email is strictly > prohibited. If you have received this email in error, please notify us > immediately by return email or telephone and destroy the original message. > - This mail is sent via Sony Asia Pacific Mail Gateway.. >
