Active Directory - single server versus federated servers

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: flcgil <flcgil@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 25 Sep 2008 15:31:01 -0700

I am working on the design of a new online environment where I am going to
have multiples application server in a farm configuration. We want to use de
Active Directory as an LDAP base. This base will be used as a security
repository, with heavy access from the application servers.

Based on that scenario, I would like to identity the best approach:

1) A single server accessed for all the application servers;

2) A federated LDAP Active Directory configuration, where each AD has a copy
of the LDAP base and each AD instance is dedicated to one application server.

Besides, if anyone has worked with one of these approaches in a similar
scenario, I appreciate if you can send me details of how the solution was
implemented.

Thanks

.

Follow-Ups:
- Re: Active Directory - single server versus federated servers
  - From: Meinolf Weber
- Re: Active Directory - single server versus federated servers
  - From: Meinolf Weber

Prev by Date: Re: delegate control, hiding tabs or blocking permissions in those
Next by Date: Re: Authentication woes
Previous by thread: Active Directory - Virtualization for performance
Next by thread: Re: Active Directory - single server versus federated servers
Index(es):
- Date
- Thread

Relevant Pages

Re: Active Directory - single server versus federated servers
... This posting is provided "AS IS" with no warranties, and confers no rights. ... going to have multiples application server in a farm configuration. ... want to use de Active Directory as an LDAP base. ... Based on that scenario, I would like to identity the best approach: ...
(microsoft.public.windows.server.active_directory)
Re: Active Directory - single server versus federated servers
... You can not assign a DC for logon to a special user or in your case application, except they are in different sites, then you shoudl have in each site a DC and throughout configuration in Active directory sites and services, with subnets and sites creating, you can configure the logon server for the site. ... If this one is not available it chooses another one for authentication. ... want to use de Active Directory as an LDAP base. ... Based on that scenario, I would like to identity the best approach: ...
(microsoft.public.windows.server.active_directory)
Re: FOLLOW UP - Re: what certificate to buy from Verisign ?
... > Yes, when calling webservice which is SSL protected from cilent proxy, the ... > usually in a server to server scenario, once response is received, the ... >> handshake is done, and a session key is established, session key is ...
(microsoft.public.dotnet.framework.webservices.enhancements)
Re: IIS and FQDN authentication confusion
... Scenario 2 does not work because the site is not in the Intranet zone. ... It sounds like you might not be getting Kerberos authentication to the web ... server when you use the FQDN, and thus delegation is not working. ...
(microsoft.public.dotnet.framework.aspnet.security)
RE: live streaming...am I on the right track?
... > Scenario: My church has a Thursday night service that has reached 100% ... > server and sharepoint. ... you'll need total bandwidth equal to * (encoding bitrate). ... I'm not sure I've seen a time control in Media Server ...
(microsoft.public.windowsmedia.encoder)