Active Directory and Single Sign On for external websites

The issue I am running into is that a company has about 6 external websites that have a generic username and password that they are continuously having to change if an employee leaves or gets fired. They are wanting me to install a server with Active Directory so that when a user logs on with their credentials, it passes the logon information for the external websites to a browser and bypasses them having to hand out the credentials to every Joe that comes and goes from the company. That way if the employee is no longer a valid user, we just disable him in AD and he cannot gain access to the external websites/internal network. This is my first go with Single Sign On situations, any help/advice is greatly appreciated.
LVL 1
Josh GarrettNerdAsked:
Who is Participating?
 
bbaoIT ConsultantCommented:
we need to know that as it is essential for you to find the right solution.

say the external sites are IIS based and running on Windows servers, it is technically possible to seamlessly integrate them with the exisiting domain over the Internet via VPN.

if the sites are Apache based on a Linux distribution, it is technically possible to deploy a Radius or LDAP server in the corporate network (DMZ preferred), and configure or develop the web applications to authenticate using the directory serives on the Internet (via VPN preferred).
0
 
bbaoIT ConsultantCommented:
where are the external sites located? hosted somewhere on the internet where is totally separated from your corporate LAN?
0
 
Josh GarrettNerdAuthor Commented:
Yes, completely external and in no way affiliated with the company.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
bbaoIT ConsultantCommented:
are the external websites IIS based or on any non-Windows OS?
0
 
Josh GarrettNerdAuthor Commented:
That's something I would have to research and get back on.
0
 
Josh GarrettNerdAuthor Commented:
I will work on that this week, it's going to be fun trying to get all entities together for such an accomplishment. Will report back as soon as I can get more info.
0
 
Muhammad MullaCommented:
If they are externally hosted services run by someone else, it will be worth checking what types of single sign on they support.

Depending on the software, you may need to use, SAML, ADFS or something based on Certificates.
0
 
Josh GarrettNerdAuthor Commented:
Client decided to go with Microsoft 365/Azure hosted as a solution instead of bringing server in house.
0
 
Josh GarrettNerdAuthor Commented:
Thanks for the assistance guys.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.