• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

authentication with domain after stand-alone install

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Installation >> authentication with domain after stand-alone install Page: [1]
Login
Message << Older Topic   Newer Topic >>
authentication with domain after stand-alone install - 17.Dec.2004 3:19:00 AM   
randybridges

 

Posts: 10
Joined: 11.Jun.2003
From: Fremont, CA
Status: offline
I originally setup my ISA2004 server as a stand-alone config. Now, I joined the machine to the internal domain so that I can assign permissions (putting domain users into local groups and allowing users through based on local permissions).

Even though the machine is on the domain and is logging onto the domain, the firewall refuses to allow access with anything except local accounts.

Is there a better way to handle this, or should I simply use ISA to authenticate users instead of Win2003?

TIA!

Randy
Post #: 1
RE: authentication with domain after stand-alone install - 20.Dec.2004 10:41:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Randy,

Did you configure the clients as Web Proxy and Firewall clients?

Thanks!
Tom

(in reply to randybridges)
Post #: 2
RE: authentication with domain after stand-alone install - 23.Dec.2004 12:08:00 AM   
moose

 

Posts: 51
Joined: 21.Jul.2004
Status: offline
Tom, in skimming your new book, I saw something like "Joining ISA server to the AD Domain is the recommended method" (as close as I can recall, anyway).

I was always under the impression that an ISA Server as DC of its own Domain (no other services), Trusting the 'actual' domain, was the most secure. I had tried that, and it didn't work good enough to leave it that way.

I had intended to try again with ISA 2004, but if it is actually recommended to join the Domain as a member server, then I won't give it a try.

Just wanted your (anyone's) comment on this.

Thanks

(in reply to randybridges)
Post #: 3
RE: authentication with domain after stand-alone install - 9.Jan.2005 1:05:00 PM   
randybridges

 

Posts: 10
Joined: 11.Jun.2003
From: Fremont, CA
Status: offline
Well, FWIW, I was able to resolve the issue fairly simply ... after all, "when in doubt, try the strongest and easiest to fix."

I made the ISA a member of the domain for simplicity sake, and installed IAS on my DC to give me a RADIUS server; after that, I authenticated against the domain users and groups without a single hitch.

Thanks, everyone

(in reply to randybridges)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Installation >> authentication with domain after stand-alone install Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts