I have a concern related to a DC (Domain Controller) located in the DMZ on an ASA running 7.2.
The scenario is as follows: all LAN segments reside behind the ASA's inside interface, as does the DC server. I have a bunch of branches connected all the way to my DMZ interface that access the DC with a NATted IP address from the DMZ subnet.
The branch users can't join the domain, and they see the DC with its real IP (inside IP), not the translated one. I overcame the problem by statically configuring the DC to be shown with its real IP on the DMZ; this solved the issue and users joined the domain smoothly.
How can I solve the issue and keep the DC shown with its NATted IP on the DMZ?