DMZ - IIS AD Authentication

Posted on 2011-10-17
Last Modified: 2012-05-12
Hi Experts,

We have a web server (Windows 2008 R2 - IIS 7) that sitting inside the DMZ. And we have a web application that requires an AD authentication (users login using their domain username and password).

What is the best practie to achive this?
RODC? ADFS? or is there any other way?
Can you also please help me with the step by step? (please note that we don't have an ISA server)

AD Authentication from DMZ is a new thing for me; so I need a detailed explanation.

Thanks very much.

Question by:DAHITSydney
    LVL 13

    Accepted Solution

    There's a couple of ways you can do this.

    1 an authentication webservice
    With this you basically build a web service that receivesa user and pwd and runs it to a dc to check.
    2 an rodc in the dmz ..
    3 federation services

    In any case you need some dmz machine to operate on it.  
    LVL 2

    Author Closing Comment

    thank you

    Featured Post

    PRTG Network Monitor: Intuitive Network Monitoring

    Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

    Join & Write a Comment

    If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
    The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
    This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
    This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    22 Experts available now in Live!

    Get 1:1 Help Now