Posts: 10
Joined: 11.Jun.2003
From: Fremont, CA
I originally set up my ISA2004 server as a stand-alone config. Now, I joined the machine to the internal domain so that I can assign permissions (putting domain users into local groups and allowing users through based on local permissions).
Even though the machine is on the domain and is logging onto the domain, the firewall refuses to allow access with anything except local accounts.
Is there a better way to handle this, or should I simply use ISA to authenticate users instead of Win2003?
Tom, in skimming your new book, I saw something like "Joining ISA server to the AD Domain is the recommended method" (as close as I can recall, anyway).
I was always under the impression that an ISA Server as DC of its own Domain (no other services), Trusting the 'actual' domain, was the most secure. I had tried that, and it didn't work well enough to leave it that way.
I had intended to try again with ISA 2004, but if it is actually recommended to join the Domain as a member server, then I won't give it a try.
Posts: 10
Joined: 11.Jun.2003
From: Fremont, CA
Well, FWIW, I was able to resolve the issue fairly simply ... after all, "when in doubt, try the strongest and easiest to fix."
I made the ISA a member of the domain for simplicity's sake, and installed IAS on my DC to give me a RADIUS server; after that, I authenticated against the domain users and groups without a single hitch.