Re: Secure access to RPC over HTTPs
- From: "Mark Arnold [MVP]" <mark@xxxxxxxx>
- Date: Sat, 22 Oct 2005 09:25:47 +0100
On Fri, 21 Oct 2005 13:44:04 -0700, "RB"
<RB@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
>Hi,
>
>We are running Exchange 2003 FE + BE. ISA 2004 will be used to publish RPC
>over HTTP.
>
>We have one problem: only username + password is not compliant with our
>security policy.
>
>1) We would like some kind of additional authentication beside username +
>password, for instance the requirement of a user certificate. Is it possible
>to successfully configure RPC over HTTP + the require user certificate option
>on ISA or IIS? I understand a setup with RSA Secure ID is out of the
>question.
>
>2) If above is not possible we would like to restrict users to access RPC
>over HTTP from domain member computers only. Is it possible to force the ISA
>2004, RPC proxy or IIS to accept only users logged on to the domain (our
>users will be working with cached credentials on their laptops)?
>Do any settings exist in NTLM we can implement to allow users with cached
>credentials on their laptops to logon while preventing other users to logon
>interactively?
>
>
There are loads of resources for this one, the easiest MS solution is
to put the FE behind an ISA and use the RSA capabilities in ISA 2004
to pre-authenticate at the gateway and then gain access to the
network.
What you say RSA is out of the question, who is it out of the question
for? You, or your understanding of the question?
.
- Prev by Date: Re: Organizational Forms
- Next by Date: 440 Login Timeout!! OWA Authentication error!!
- Previous by thread: Re: "Recipient Name is not Recognized"
- Next by thread: Re: Secure access to RPC over HTTPs
- Index(es):
Relevant Pages
|
