Welcome to ISAserver.org

Will TMG support authentication to a non MS LDAP directory?

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [Threat Management Gateway (TMG) 2010] >> General >> Will TMG support authentication to a non MS LDAP directory?

Page: [1]

Message

<< Older Topic Newer Topic >>

Will TMG support authentication to a non MS LDAP direct... - 12.May2009 12:23:03 PM

jasonmcochran

Posts: 3
Joined: 12.May2009
Status: offline

I have donwloaded the TMG VHD from Microsoft's public website to see if it was possible to configure authentication to a non Microsoft LDAP, but it does not appear to be an option. Does anyone know if there is a plan to add support for authenication to anything other than RADIUS, AD or LDAP to AD?

Thanks!

Post #: 1

Featured Links*

RE: Will TMG support authentication to a non MS LDAP di... - 12.May2009 12:40:23 PM

Jason Jones

Posts: 4383
Joined: 30.Jul.2002
From: United Kingdom
Status: offline

What directory do you need?

_____________________________

Jason Jones | Forefront MVP | Silversands Ltd
My Blogs: http://blog.msedge.org.uk/ and http://blog.msfirewall.org.uk/

(in reply to jasonmcochran)

Post #: 2

RE: Will TMG support authentication to a non MS LDAP di... - 12.May2009 1:16:11 PM

jasonmcochran

Posts: 3
Joined: 12.May2009
Status: offline

The new 2008 AD LDS would be great, but any LDAP directory besides AD will work.

Thanks!

(in reply to Jason Jones)

Post #: 3

RE: Will TMG support authentication to a non MS LDAP di... - 18.May2009 9:22:34 AM

tshinder

Posts: 49701
Joined: 10.Jan.2001
From: Texas
Status: offline

No -- TMG has the same LDAP support as the ISA firewall.

For expanded LDAP option, investigate IAG or the upcoming UAG.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to jasonmcochran)

Post #: 4

RE: Will TMG support authentication to a non MS LDAP di... - 20.May2009 9:23:22 AM

jasonmcochran

Posts: 3
Joined: 12.May2009
Status: offline

Thanks for the reply, Tom. It's disapppointing that TMG will not support authentication to AD LDS, but at least now I can plan accordingly.

(in reply to jasonmcochran)

Post #: 5

RE: Will TMG support authentication to a non MS LDAP di... - 22.May2009 8:58:08 AM

tshinder

Posts: 49701
Joined: 10.Jan.2001
From: Texas
Status: offline

On the bright side, the IAG and subsequent UAG does support LDAP to all authentication providers

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to jasonmcochran)

Post #: 6

RE: Will TMG support authentication to a non MS LDAP di... - 9.Jun.2009 4:36:42 PM

mylo

Posts: 143
Joined: 26.Mar.2002
Status: offline

Tom,

Thumbs up with the IAG support, but it'd be nice if TMG could specify a base DN, search scope and a custom user attribute such as UID to support LDAP v3 servers.... I know now for simplicity's sake it's easy to mask that use via samAccountName, but it'd definitely be an extra string in the bow for external non-AD support.

Regards,
Mylo

(in reply to tshinder)

Post #: 7

RE: Will TMG support authentication to a non MS LDAP di... - 11.Jun.2009 9:24:38 AM

tshinder

Posts: 49701
Joined: 10.Jan.2001
From: Texas
Status: offline

If you're wanting to do this for inbound access control, then UAG is your future. Few resources going forward will be devoted to TMG for inbound access, as most of those are going toward the UAG. So it would be great to get on board early :)

Thanks!
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to mylo)

Post #: 8