We currently have a small windows 2003 domain setup where all the users are internal employees. We are looking to create a new class of user accounts that are external customers. This group of accounts would be held under active directory for maintenance only. (Another application will pull the account info from here using ldap). In other words, these accounts would have no access to any internal domain resources.
I'm not sure how to procede with this. Should this all take place on a seperate server on a completely different domain or could I somehow intergrate these accounts into our current envirionment ?