Setup offsite Domain Controller that wont replicate

I have a domain with two domain controllers, all is good and working. I have a service provider offsite who I need to replicate our AD to ie. I have to setup a third DC on their side as part of our domain. All will be good with firewall, trusts and link between us. 

This service provider needs to populate the address field of the AD User accounts by way of user account object access via a service account provided by me.  My question is how do I configure the DC / Domain that it replicates AD to the remote DC for our service provider but does not attempt any authentication of users on my side?

All input welcome. N

1 Comment   [ + ] Show comment
  • This looks good https://technet.microsoft.com/en-us/library/cc787370(WS.10).aspx also I can disable the netlogon service on the offsite DC - sonik777 7 years ago

Answers (1)

Posted by: SMal.tmcc 7 years ago
Red Belt

  • Thanks thats straight forward and direct but I have 700 clients. There's got to be a way to do this without relying on 'vintage' configuration files. I was thinking more from DNS perspective or the DC itself. - sonik777 7 years ago
    • you can set up acl's to block the clients subnets from being able to communicate with that server. Only allow the ip(s) of the other DC(s) to talk to this server. - SMal.tmcc 7 years ago

Don't be a Stranger!

Sign up today to participate, stay informed, earn points and establish a reputation for yourself!

Sign up! or login


This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ