RE: Domain Auth with non member server

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Mon, 6 Sep 2004 14:55:51 -0500

Hi Paul,

Can you enumerate the actual and reproducible reason for not joining the
ISA firewall to the domain? "Hardware" firewall vendor's FUD does not
count.

Thanks!

Tom
www.isaserver.org/shinder
Get the book!
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7
MVP -- ISA Firewalls



-----Original Message-----
From: Paul Deen [mailto:pdeen@xxxxxxxxxxxx] 
Sent: Monday, September 06, 2004 2:49 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Domain Auth with non member server


http://www.ISAserver.org

Can anyone point me to an article on how to setup your ISA with a Simple
Edge Firewall setup not being a member of the Domain but still base
authentication for Web (HTTP,HTTPS,FTP etc) and VPN clients on Active
Directory? Windows 2003.

More details:
A couple of weeks ago we 'upgraded' from ISA 2000 to ISA 2004. Most
things worked okay, but we had some issues that didn't seem to work
right, but worked in my test environment that I did a clean build.

So I rebuilt the server from the ground up and this time did not join
the ISA server to the Domain as recommended in the Microsoft docs. I
have also seen people on this list recommend this setup.

How can I base authentication off of AD? When I try to select my Domain
it only shows the local computer accounts. 
As it stands now, I have to allow everything anonymous and my VPN
clients cannot connect because it cannot authenticate to AD. I want to
require authentication from my AD.

We do not have nor plan on using a RADIUS server. Is this still
possible?

Thanks!

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 09-2004