We are designing a highly available Direct Access solution for an enterprise customer. We will use two NICs to implement within a DMZ. The customer does not want a corporate domain joined server in the DMZ so they have suggested creating a new Forest/Domain with a full trust relationship with corporate. The new forest would have 2 DCs and the 2 Remote Access servers and these will sit in the DMZ. NLS servers would still remain in the corporate domain. All Direct Access clients would be part of the corporate domain.
I have two questions:
- Is this possible to implement and would it be supported?
- What is the benefit (if any) of doing this?
Gerry Hampson | Blog: www.gerryhampsoncm.blogspot.ie | LinkedIn: Gerry Hampson | Twitter: @gerryhampson