Re: Domain Trusts and LDAP
From: GMartin (gmartin_at_gmartin.org)
Date: 01/14/05
- Next message: Denis Wong _at_ Hong Kong: "RE: How to have local administrative rights while logging onto a domai"
- Previous message: Denis Wong _at_ Hong Kong: "RE: NT4 Upgrade to 2003 - Group Policy at remote sites"
- In reply to: Chriss3 [MVP]: "Re: Domain Trusts and LDAP"
- Next in thread: Chriss3 [MVP]: "Re: Domain Trusts and LDAP"
- Reply: Chriss3 [MVP]: "Re: Domain Trusts and LDAP"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 13 Jan 2005 22:39:15 -0500 To: "Chriss3 [MVP]" <noSpamHere@chrisse.se>
Chriss3 [MVP] wrote:
> Another solution may could be to use ADAM (Active Directory in Application
> Mode) for the web application, and create ProxyUser Accounts that relays to
> an Account in the Active Directory but thats not really secure.
>
> For security reasons I recommend you to use IIFP Identify Integration
> Feature Pack for synchronize accounts between the external and internal
> domain. Trusting Domains/Forests are not secure. IIFP is free as long you
> have a copy of Windows Server 2003
>
I'm not really interested in copying our internal credentials out to the
DMZ. Seems risky. I was considering doing all of the trust
communications over IPSEC with direct holes through the firewall or
maybe using ISA to proxy the conncetion.
\\Greg
- Next message: Denis Wong _at_ Hong Kong: "RE: How to have local administrative rights while logging onto a domai"
- Previous message: Denis Wong _at_ Hong Kong: "RE: NT4 Upgrade to 2003 - Group Policy at remote sites"
- In reply to: Chriss3 [MVP]: "Re: Domain Trusts and LDAP"
- Next in thread: Chriss3 [MVP]: "Re: Domain Trusts and LDAP"
- Reply: Chriss3 [MVP]: "Re: Domain Trusts and LDAP"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
