PLEASE HELP! Authentication from internet

adbos

Hi, we have a Windows 2000 Active Directory implemented. My company is
planning to create an intranet application and give our clients (who have
accounts in our AD) the possibility to log on from the internet and use
that application. So that app will be placed in the DMZ, and IIS (placed in
the DMZ too) will have to be able to query AD over LDAP to check whether that
particular user is authorized to use the app and whether the password is OK.
We are testing secure LDAP queries and it works fine. There is only one
problem for us. If someone breaks in on that server in the DMZ, he will have
access to our AD, and that is what we do not want!

I'm looking for some secure solution:)

I know about ONT's UIdP solution, but my company doesn't like it:(

PLEASE HELP
 
Ryan Hanisco

If this is a web application, use ASP.Net and forms-based authentication as
a gateway to your application. This way you can do authentication and pass
that through to a DC without exposing the DC to the outside world.

Remember to do SSL on the actual authentication page and let the IIS
instance manage the session and authentication from there. This is pretty
easy and fast to configure.
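
The forms-authentication gateway described in the reply above, shown as a web.config for the IIS application in the DMZ. This is an added example, not part of the original post; the cookie name, the `Login.aspx` page name and the timeout value are assumptions, and the credential check against the DC is assumed to live in the login page's code.

```xml
<!-- Added example: web.config for the DMZ-hosted ASP.NET application.
     .CLIENTAUTH, Login.aspx and the 20-minute timeout are assumed values. -->
<configuration>
  <system.web>
    <!-- Forms authentication: IIS/ASP.NET issues and validates the session
         ticket, so only the login page ever handles the user's password. -->
    <authentication mode="Forms">
      <forms name=".CLIENTAUTH"
             loginUrl="Login.aspx"
             protection="All"
             requireSSL="true"
             timeout="20"
             slidingExpiration="false"
             path="/" />
      <!-- protection="All": the ticket is both encrypted and integrity-checked.
           requireSSL="true": the ticket cookie is marked Secure, so the browser
           only sends it over HTTPS. The pages behind the login must therefore
           be served over HTTPS too, not just the login page itself.
           slidingExpiration="false": the ticket expires a fixed 20 minutes
           after issue instead of being renewed on every request. -->
    </authentication>

    <!-- Deny anonymous users everywhere; unauthenticated requests are
         redirected to loginUrl, which ASP.NET always leaves reachable. -->
    <authorization>
      <deny users="?" />
    </authorization>
  </system.web>
</configuration>
```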
 
