Re: PIX and MS Active Directory [7:44797]

Thanks Brian, just in case any ones else is interested here's a useful link for the microsoft stuff http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/ittasks/t asks/adrepfir.asp Cheers Pat -- email me on : [EMAIL PROTECTED] Brian Hill wrote in message [EMAIL

RE: PIX and MS Active Directory [7:44797]

Pat, Are the clients having the problem, or are the servers having the problem? If it's the servers, it's probably just RPC, but if it's the clients, it could be lots of things. What exactly isn't working? Brian Hill CCNP, CCDP, MCSE 2000 (Charter Member),MCSE+I (NT4.0), MCSA (Charter Member),

Re: PIX and MS Active Directory [7:44797]

Brian I've just found out from the guy testing the AD stuff that it doesn't even work with static NAT translations, it'll only work with a static mapping with the same address across the firewall. The bit that isn't working is the replication between the servers Cheers Pat -- email me on :

RE: PIX and MS Active Directory [7:44797]

Tell him to use SMTP for AD replication, and disable the fixup feature for SMTP on the PIX. -Original Message- From: Patrick Donlon [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 23, 2002 8:16 AM To: [EMAIL PROTECTED] Subject: Re: PIX and MS Active Directory [7:44797] Brian I've just

RE: PIX and MS Active Directory [7:44797]

John, SMTP only works if you have two sites in two different domains. In addition, you have to have an exchange server with KMS and a CA to encrypt. Pat, I would suggest creating a tunnel from pix to pix and running the replication through there. AD uses RPC, which doesn't translate due to the