Re: Integrated Windows security from a DMZ.

• Previous message: Paul Lynch: "Re: Install IIS 6 on separate partition"
• In reply to: LiveUnDead: "Re: Integrated Windows security from a DMZ."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 29 Jul 2004 08:29:19 -0700

Thanks, that was very helpful

"LiveUnDead" <LiveUnDead@discussions.microsoft.com> wrote in message news:<8A65990B-4E8B-4EA5-BF1F-DE2227EF44FA@microsoft.com>...
> Where is the domain controller for the domain this server is part of ? Is this a separate domain then your production internal domain ?
>
> If this is a separate domain and is trusting your internal domain,
so that you can authenticate your internal users if were to use the
external facing applications from outside your corporate network, then
for security move the external domain controller(s) into the internal
network and configure IPSEC through the wirewall such that all
communication of the webserver with the DC is secure. Since the domain
already trusts the internal production domain, you would be able to
authenticate the internal users.
>
> Hope this makes sense.
>
> "Tom Kaminski [MVP]" wrote:
>
> > "John Giblin" <jwgiblin3@hotmail.com> wrote in message
> > news:3d6785ec.0407081235.5bb5793a@posting.google.com...
> > > I am putting one of my web server in the DMZ. I wanted to know what I
> > > had to do in order for the "Integrated Windows security" to work.
> >
> > Is the server part of the same Windows domain as the clients?
> >
> > --
> > Tom Kaminski IIS MVP
> > http://www.microsoft.com/windowsserver2003/community/centers/iis/
> > http://mvp.support.microsoft.com/
> > http://www.iisfaq.com/
> > http://www.iistoolshed.com/ - tools, scripts, and utilities for running IIS
> > http://www.tryiis.com
> >
> >
> >

• Previous message: Paul Lynch: "Re: Install IIS 6 on separate partition"
• In reply to: LiveUnDead: "Re: Integrated Windows security from a DMZ."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]