Hello
I saw this section tonight. https://vbr.veeambp.com/VBP/Security/Se ... mains.html
Veeam mentioned two forest trust and one active directory schema.
production.local
mngt.local
But i always use two different active directory schema and not make trust relationship. Yes it will management overhead.
Primary and Additional DC: customer.local - IP subnet 172.16.0.0
Primary and Additional DC: customer.mgmt- IP subnet 10.10.10.0
customer.local is use for clients and servers (sql, file server, rdp etc)
customer.mgmt is use for vmware, veeam, backup devices or etc
All users (include IT staff) in the customer.local domain. I add customer.mgmt dc address to in the customer.local conditional forwarders. So dns resolution is works.
Is there anything I missed about this design? Pros and cons?
-
crackocain
- Service Provider
- Posts: 241
- Liked: 27 times
- Joined: Dec 14, 2015 8:20 pm
- Full Name: Mehmet Istanbullu
- Location: Türkiye
- Contact:
-
HannesK
- Product Manager
- Posts: 14320
- Liked: 2890 times
- Joined: Sep 01, 2014 11:46 am
- Full Name: Hannes Kasparick
- Location: Austria
- Contact:
Re: Veeam Best Practise - Management Domain
Hello,
I don't see anything missing in your design. You already described the con with more management overhead. From a Veeam backup perspective I don't see any overhead. Maybe for other services.
Best regards,
Hannes
I don't see anything missing in your design. You already described the con with more management overhead. From a Veeam backup perspective I don't see any overhead. Maybe for other services.
Best regards,
Hannes
Who is online
Users browsing this forum: Bing [Bot], twirtley and 179 guests