Welcome to ISAserver.org

Application Authentication

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Application Authentication

Page: [1]

Message

<< Older Topic Newer Topic >>

Application Authentication - 14.Aug.2006 12:15:21 PM

Remy

Posts: 15
Joined: 14.Aug.2006
Status: offline

Hi All,

nice to have a dedicated 2006 forum!

Has anyone played with using ADAM as an authentication means for published apps? Here's what I would like to see in place for our environment:

- A replicated ADAM authentication database with an scheduled automated import of AD users
- Manually created groups for users outwith AD
- Application authentication incorporating AD and external groups
- The facility to manage users/groups using a web interface

I would like to avoid the need to access local users/groups for account management as our ISA is in the restricted DMZ.

Any help would be very much appreciated.

cheers,
Remy

The ISA FAQ is still quoting late summer for the official release of 2006, anyone know when MS thinks the end of summer is?

Post #: 1

Featured Links*

RE: Application Authentication - 14.Aug.2006 3:42:55 PM

tshinder

Posts: 47408
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Remy,

ISA 2006 has RTM'd and should be GA by the end of the month.

I don't think you can get ADAM to do that type of authentication for ISA. ISA as domain member is much more secure, did you know that?

Check this out:

http://www.isaserver.org/tutorials/Debunking-Myth-that-ISA-Firewall-Should-Not-Domain-Member.html

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to Remy)

Post #: 2

RE: Application Authentication - 14.Aug.2006 3:52:52 PM

Remy

Posts: 15
Joined: 14.Aug.2006
Status: offline

Ah Tom,

many thanks. As always your articles are articulate and informative. There is a "perception" within our organisation that domain membership is not the best practise (not the first you have heard this eh?), this should help me win over a few of the security people.

thanks again,
Remy

(in reply to tshinder)

Post #: 3

RE: Application Authentication - 14.Aug.2006 4:15:31 PM

tshinder

Posts: 47408
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Remy,

Thanks!

If they have some intelligent feedback on this, it would be great if you could share it here or in the Coffee Shop forum. If they have some valid reasons for not making the ISA firewall a domain member (other than the superstitions that we have already debunked), then I'd like to take them into consideration and make them part of the article as an update.

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to Remy)

Post #: 4

RE: Application Authentication - 14.Aug.2006 4:28:55 PM

Remy

Posts: 15
Joined: 14.Aug.2006
Status: offline

I will certainly share any information that will be relevant to others.

thanks again,
Remy

(in reply to tshinder)

Post #: 5

RE: Application Authentication - 15.Aug.2006 3:20:33 AM

tshinder

Posts: 47408
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Remy,

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to Remy)

Post #: 6