First of all, let me start by saying that I'm not pro-accessing-domain-controllers-from-DMZ because of the enormous security hole it implies, but one of my customers wants this for some strange reason... I have a server A hosting a WCF authentication service, placed in the DMZ, and they allowed it in their firewall to get to:
- SQL Server B through port 1433. This one is inside the domain network.
- Domain controller C, port 389.
I have an HTML form to test the authentication before deploying, so I send this -- username:DOMAIN\USER pass:PASSWORD and I always get this in my logs: LogonUser error: There are currently no logon servers available to service the logon request.
The thing is, in this SQL Server I have two databases of the same application. When you hit number 1, you're using the app's integrated security and the service returns an OK right away. The problem is when hitting the app's database that uses domain authentication: it always shows that message. If I have an open connection to a domain controller, is there something I need to set up to make this work? Any kind of guidance would be much appreciated.