authentication with domain after stand-alone install (Full Version)

All Forums >> [ISA Server 2004 General ] >> Installation



Message

randybridges -> authentication with domain after stand-alone install (17.Dec.2004 3:19:00 AM)

I originally setup my ISA2004 server as a stand-alone config. Now, I joined the machine to the internal domain so that I can assign permissions (putting domain users into local groups and allowing users through based on local permissions).

Even though the machine is on the domain and is logging onto the domain, the firewall refuses to allow access with anything except local accounts.

Is there a better way to handle this, or should I simply use ISA to authenticate users instead of Win2003?

TIA!

Randy



tshinder -> RE: authentication with domain after stand-alone install (20.Dec.2004 10:41:00 AM)

Hi Randy,

Did you configure the clients as Web Proxy and Firewall clients?

Thanks!
Tom



moose -> RE: authentication with domain after stand-alone install (23.Dec.2004 12:08:00 AM)

Tom, in skimming your new book, I saw something like "Joining ISA server to the AD Domain is the recommended method" (as close as I can recall, anyway).

I was always under the impression that an ISA Server as DC of its own Domain (no other services), Trusting the 'actual' domain, was the most secure. I had tried that, and it didn't work good enough to leave it that way.

I had intended to try again with ISA 2004, but if it is actually recommended to join the Domain as a member server, then I won't give it a try.

Just wanted your (anyone's) comment on this.

Thanks



randybridges -> RE: authentication with domain after stand-alone install (9.Jan.2005 1:05:00 PM)

Well, FWIW, I was able to resolve the issue fairly simply ... after all, "when in doubt, try the strongest and easiest to fix."

I made the ISA a member of the domain for simplicity sake, and installed IAS on my DC to give me a RADIUS server; after that, I authenticated against the domain users and groups without a single hitch.

Thanks, everyone



Page: [1]