How to put DC in DMZ

[Wadee]

I want my network to get something. Provided I have two computers available in the server and router functions need. I have roughly the following scenario: A PC is running with fli4l as a router. The other PC is to provide the following server functions: DHCP Server, Wins server, Domain controller (Active Directory), File Servers, Web Server, Email. If there is an issue in the operation of server then it should go in DMZ. I mean to say that a web server should put that put in a DMZ. I just do not know if this works with the domain controller etc. If this thing is working then please let me know the procedure for that. Thanks in advance.

[Aleksandra]

Do not get me wrong but what is the sense in putting DC in the DMZ? I thought that it uses a DMZ to provide direct access from the outside onto internal power to prevent. A Web / Mail / FTP - Server in the DMZ makes sense, but the internal file server and domain controller does not make any sense. If you can explain me this thing then I can clearly understand the problem you are facing or thing that you are trying to achieve. I am not saying that doing this thing is stupidity but according to me this is not a intelligent step. I will be waiting for further response from your side.

[Wadee]

See currently I am having only two computers available and would like to separate router and server. I must therefore provide different services as described above with a computer system. Of course, a PDC is installed in the DMZ for security, especially not when it is operated on the same system but as a public web server. But again my question concretely: Does the PDC in DMZ or complicated configuration is required or not. When I look down times to a hardware router I could use both computer system and servers, one in the DMZ and the other in the internal network. I hope that you have clearly understood the problem that I am having.

[kraal]

So a DC in the DMZ for the following reasons makes no sense at all. Advantages: - I cannot think of a single one. Disadvantages: The purpose of a DMZ is, among other things, that out of it, no connections can be built into the internal network. A DHCP, DNS or WINS server so its services cannot provide for the PCs in the internal network. You'd have for so many open ports that DMZ already makes no sense. Furthermore, there are DMZ servers that can be compromised. The example of an attack on your web server is most likely to have your DC cover. If you have only these two computers are available, you should first consider what services you need as urgent. How many client PCs do you have that you need a DC. After deciding these things you can revert back to get the solution.