Allow access to AD from External

NethServer Version: 7.4
Module: Samba AD

Please, how to allow access from a system on internet to get users from samba ad?



you can do it with VPN.




139/tcp, 88/tcp, and 445/tcp on the AD server should be reachable by the server on the internet, preferrably using a VPN tunnel or something else secure. You should not want your AD server directly connected to the internet.

So build a VPN tunnel between your AD server and the other system, and make sure the mentioned TCP traffic shall pass :wink: Not sure how functional that is. The better option is a second AD server on location two, connected by tunnel to AD server 1, and that way they share the account DB, and your other server can access the accounts locally without having to use internet to check every logon, which may be unstable or slow or both.


I dont allow to use VPN because acess is for a cloud service, dont have a VPN Option

I am try and return with more information.


I would say without vpn it is really unsecure.
Can you say us which cloud you use? I want to have a look if they write something about alternatives.