
How to RDP into a Terminal Server THEN access Active Directory on an internal-only DC

Developer https://www.devze.com 2023-01-23 19:44 Source: Internet

I have a dev network setup modeled after a production setup at work, and I've been able to successfully query Active Directory when I'm in the same subnet and can resolve the server. Now, I'm trying to set this up where I am required to remote into a terminal server, which is the only internet accessible server, and use that connection to gain access to an internal-only domain controller where I can then run my queries (all in C#). Maybe a better way of explaining this would be I'm trying to turn this RDP connection into a network bridge of sorts, where I can use the internal address of the DC (such as 192.168.1.1) from across the internet when I create my LDAP path.

Is RDP the right thing to use? I found this off of the code project, but it appears to be for setting up a remote desktop as opposed to allowing me access to the internal DC:

// RDP test
        rdp.Server = "firewall";
        rdp.UserName = "Administrator";
        IMsTscNonScriptable secured = (IMsTscNonScriptable)rdp.GetOcx();
        secured.ClearTextPassword = "mypassword";
        rdp.Connect();

        string moo2 = rdp.UserName;
        string moo = rdp.ProductName;

        rdp.Disconnect();

My dev TS is called "firewall", and from there I want to be able to execute the code below against the DC:

// Fire up the directory
        DirectoryEntry ADRoot = new DirectoryEntry();
        ADRoot.Username = "myusername";
        ADRoot.Password = "mypassword";
        ADRoot.Path = "LDAP://192.168.1.11";

        // Search for all the computer objects
        DirectorySearcher searcher = new DirectorySearcher();
        searcher.Filter = "(objectCategory=computer)";
        searcher.SearchRoot = ADRoot;
        SearchResultCollection results = searcher.FindAll();

I'm all for just about any approach that will let me hit this internal DC from over the internet.


After much Google research, it looks like the best approach will require a VPN connection. Once I have an established VPN connection (doesn't matter where or what server in the network lets me in), I can then use the LDAP protocol.


Yes, VPN basically extends the network to your machine as well. In some cases, for security reasons, you won't get this access. RDP is only a screen on a machine running there and does not fit your needs.
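
The VPN-then-LDAP approach described in the answers above, as an added C# example that is not code from the original posts: it confirms the DC is reachable over the tunnel before binding, then runs the question's computer search with a signed and sealed bind. The DC address is the one from the question; the environment variable names `AD_USER` and `AD_PASSWORD` and the 3-second timeout are assumptions.

```csharp
using System;
using System.DirectoryServices;   // reference System.DirectoryServices.dll
using System.Net.Sockets;

class ComputerInventory
{
    const string DcAddress = "192.168.1.11"; // internal DC address from the question
    const int LdapPort = 389;                // standard LDAP port

    // True if a TCP connection to the DC completes within the timeout,
    // i.e. the VPN actually routes to the internal subnet.
    static bool CanReach(string host, int port, int timeoutMs)
    {
        using (var client = new TcpClient())
        {
            try { return client.ConnectAsync(host, port).Wait(timeoutMs) && client.Connected; }
            catch (AggregateException) { return false; } // refused or unroutable
        }
    }

    static void Main()
    {
        if (!CanReach(DcAddress, LdapPort, 3000))
        {
            Console.Error.WriteLine("DC unreachable on port " + LdapPort + ": is the VPN connected?");
            return;
        }
        // Assumed variable names; keeps the credentials out of the source.
        string user = Environment.GetEnvironmentVariable("AD_USER");
        string pass = Environment.GetEnvironmentVariable("AD_PASSWORD");

        // Secure = SSPI-negotiated bind instead of a clear-text simple bind;
        // Signing and Sealing add integrity protection and encryption to the LDAP traffic.
        var auth = AuthenticationTypes.Secure | AuthenticationTypes.Signing | AuthenticationTypes.Sealing;

        using (var root = new DirectoryEntry("LDAP://" + DcAddress, user, pass, auth))
        using (var searcher = new DirectorySearcher(root, "(objectCategory=computer)"))
        {
            searcher.PageSize = 500; // page through results beyond the default 1000-entry cap
            searcher.PropertiesToLoad.Add("dNSHostName");
            using (SearchResultCollection results = searcher.FindAll())
            {
                foreach (SearchResult r in results)
                {
                    var names = r.Properties["dNSHostName"];
                    Console.WriteLine(names.Count > 0 ? names[0] : r.Path);
                }
            }
        }
    }
}
```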
