workgroup versus domain member

workgroup versus domain member - 2.Nov.2006 10:33:24 PM   
paul_psmith

 

Not sure if this was the right forum for this question.
 
I found one article on the site about the pros and cons of workgroup versus domain members. We are about to set up our ISA infrastructure for an Exchange 2003 upgrade and we had planned to use a workgroup for the ISA and SCC servers, but I would like to get more info on what was in the article and possibly any others' experience setting up in a workgroup.
 
Thanks
Post #: 1
RE: workgroup versus domain member - 3.Nov.2006 4:24:11 AM   
elmajdal

 

I think you mean this article: http://www.isaserver.org/tutorials/Debunking-Myth-that-ISA-Firewall-Should-Not-Domain-Member.html

You can discuss it here: http://forums.isaserver.org/Discussion_about_article_on_making_the_ISA_firewall_a_domain_member/m_2002019810/tm.htm

_____________________________

Tarek Majdalani

MS Forefront Edge Security MVP
Website : http://www.elmajdal.net/ISAServer
New Section : http://www.elmajdal.net/Win2k8

(in reply to paul_psmith)
Post #: 2
RE: workgroup versus domain member - 3.Nov.2006 12:18:53 PM   
paul_psmith

 

Thanks for the links, but in truth, I don't see a lot of detail that tells me exactly why I should put my ISA servers in a domain. Since 2006 now supports LDAP authentication (will it also allow authentication against another LDAP directory other than AD?), it seems that that was a big reason to keep the boxes in the domain, but I am not convinced yet.

I'm not trying to be a bother or elitist. I am a big Windows fan. I like the direction it is going and the integration is great. I am just asking because if I decide to go down the add to the domain path, then I need some ammunition to convince others in the security group who are not as Windows savvy.

Thanks

(in reply to elmajdal)
Post #: 3
RE: workgroup versus domain member - 3.Nov.2006 1:11:30 PM   
spouseele

 

Hi Paul,

Did you thoroughly read Tom's article Debunking the Myth that the ISA Firewall Should Not be a Domain Member? If so, you should already know that:
  • only an Active Directory LDAP server is supported.
  • LDAP authentication only works for Web Publishing Rules, and not for outbound access control via ISA firewall Access Rules.
  • the Firewall client is only supported when the ISA server is a domain member.
  • ...

Aren't those enough reasons?

HTH,
Stefaan

(in reply to paul_psmith)
Post #: 4
RE: workgroup versus domain member - 6.Nov.2006 2:17:51 PM   
paul_psmith

 

Thanks for the links Stefaan.
 
I saw the article about LDAP support after I posted, so I am good on that one.
 
As far as the other two go, we will just be using the ISA server as an Exchange 2003 application firewall for inbound connections (OWA, POP3, RPC/HTTPs, etc.), so we don't need to worry about other outbound stuff which is being handled by our BlueCoats. Do I need to worry about POP3 and RPC/HTTPs in a workgroup or do I need domain membership for that?
 
We don't have any plans for installing the ISA client, unless it can do something big for us that we can't do with the BlueCoats. The BlueCoats are the product of choice by our Security Manager, so I don't think they will be going away soon.
 
Thanks
Paul

(in reply to spouseele)
Post #: 5
RE: workgroup versus domain member - 6.Nov.2006 3:37:33 PM   
spouseele

 

Hi Paul,

In that case I think it should work equally well with LDAP only.

Note that for POP3 you'll need a server publishing rule and that type of publishing doesn't support authentication at the ISA level. For RPC/HTTPS you'll need a web publishing rule with basic authentication, very similar to OWA. In fact it can be the same web publishing rule.

HTH,
Stefaan 

(in reply to paul_psmith)
Post #: 6
