I want to set up two unihomed ISA 2006 Ent. server in a DMZ behind existing FW. Further these server will be in a workgroup. I heard and read a little bit over the new LDAP feature, but I am facing with problems when I try to create any web access rules using created LDAP usersets which existing of the AD group.
Is there any workaround to use AD users and groups for authorisation in a workgroup scenario at all. Or what is the best practise for a webproxy only workgroup environment to control user webaccess without implementing a second user management on the ISA server. Maybe there is a possibility to export the user from the AD group and implement them onto the ISA server, but I think the password problematic will still exist then.