Group membership for an AD integrated firewall
Posted on 2009-05-15
We are admins for a Windows Server 2003 machine but the firewall on the network is administered by a third party. In order to integrate the firewall with active directory we need to grant the third party a user account with privileges that would enable the firewall to poll the AD and check for user authentication. We want to ensure this account has the minimum rights to ernable them to do this job but nothing more, i.e. No admin rights, no logon rights.
As far as I am aware this is a typical AD integrated firewall senario. The firewall in question is a Firebox.