Re: Multiple ADAM Problem
- From: "Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 17 Oct 2006 09:55:46 -0500
Will there be a forest trust between the current forest and the new forest?
Since the ADAM server can only belong to one domain/forest, it would need a
trust in order to authenticate bind proxies from a different forest.
Another option you could look into would be to use ADFS and use federation
to tie all of these things together. You get a lot more flexibility that
way, at the cost of (potentially) more complexity.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"sfloyd" <sfloyd@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:54D01B0B-099A-47C2-A6AD-BC9EEEA31538@xxxxxxxxxxxxxxxx
I have custom web applications that are currently authenticating against
ADAM. ADAM is populated with proxy Objects from AD and also ADAM user
accounts. ADAM was used because we did not want to extend the AD schema
for
these applications.
Problem: I have a requirement for a new forest to authenticate against
this
application. We would like a single source for authentication. The new
forest is going to require a deployment of a new ADAM instance.
Questions: Is there a way for a single ADAM instance to proxy
authentication to multiple backend ADAM servers?
Can I do this without deploying MIIS? I would like to stay away from a
meta-directory and sync scripts if I can)
Thanks for any help. (BTW - I am looking at a product called RadiantOne
VDS
to help with this problem, but would like to stick with a Microsoft
solution).
.
- Prev by Date: Re: What is Federation Service Uniform Resource Locator (URL) used for
- Next by Date: Re: Microsoft Exchange System Objects Container
- Previous by thread: Re: What is Federation Service Uniform Resource Locator (URL) used for
- Next by thread: Re: Multiple ADAM Problem
- Index(es):
Relevant Pages
|
