Re: Domain authentication problem

• From: "Etienne Goetynck" <Etienne.Goetynck@xxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 3 Sep 2003 15:07:23 +0200

English reference : 
http://support.microsoft.com/default.aspx?scid=kb;en-us;280132

> -----Original Message-----
> From: Etienne Goetynck
> Sent: mercredi 3 septembre 2003 15:05
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Re: Domain authentication problem
> 
> http://www.ISAserver.org
> 
> 
> - Firewall is a WatchGard Firewall
> - Microsoft note is : http://support.microsoft.com/?kbid=280132 (My objective
> is very similar, I would like publish a Sharepoint Portal Server).
> - On my LAN, I have 2 DC
> 
> I have no other choice than using "Domain Traffic" across Firewall. I must
> keeping single sign on... and My "users database" is AD.
> 
> My main problem is : sometimes, it's working perfectly (then I suppose my
> configuration is'nt too bad)
> 
> 
> 
> 
> 
> 
> 
> 
> > -----Original Message-----
> > From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
> > Sent: mercredi 3 septembre 2003 14:50
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Re: Domain authentication problem
> >
> > http://www.ISAserver.org
> >
> >
> > Without knowing :
> > 1. what the inner firewall is
> > 2. what reference you used (there are several)
> > 3. how many domain controllers you use
> >
> > ..it's a little difficult to say what the real problem is.
> > Have you traces the communications across the inner firewall while making
> > these tests?
> >
> > Generally speaking, domain traffic across any firewall is problematic at
> best
> > and completely unsupported across ISA (on purpose; it's VERY insecure).
> >
> >   Jim Harrison
> >   MCP(NT4, W2K), A+, Network+, PCG
> >   http://isaserver.org/Jim_Harrison/
> >   http://isatools.org
> >   Read the help / books / articles!
> >
> >
> > On Wed, 3 Sep 2003 14:43:34 +0200
> >  "Etienne Goetynck" <Etienne.Goetynck@xxxxxxx> wrote:
> > http://www.ISAserver.org
> >
> >
> > Hello,
> >
> >
> >
> > I have the following problem, and I'm out of idea :-( :
> >
> >
> >
> > I have an ISA Server, configured as Reverse Proxy, in DMZ (Firewall is not
> an
> > ISA Server)
> >
> > This server publish the content of an another website, located in LAN.
> >
> >
> >
> > HTTPS and authentication are enabled for this access. Authenticated users
> are
> > from My Windows Domain, not from local server. (My ISA server is on a W2K
> > server, integrated to my DOMAIN and all corrects ports are open on my
> Firewall
> > (following a note from Microsoft).
> >
> >
> >
> > All is functioning correctly... but only time to time.
> >
> >
> >
> >
> >
> > When I make a request on my website (from an external connexion), I receive
> > authentication windows but, when I try to connect with a user, sometimes
> it's
> > OK, sometimes it's KO.
> >
> >
> >
> > When it's OK with the first user, I can try with a second one... and OK or
> KO
> > are possible.
> >
> > When it's KO with the first user, I can try with a second one... and OK or
> KO
> > are possible.
> >
> >
> >
> > Is anybody has a suggestion for me ?
> >
> >
> >
> > Thank you in advance
> >
> >
> >
> > Etienne
> >
> >
> >
> >
> >
> > ________________________________________________
> > Goetynck Etienne
> > System Engineer                  Email : Etienne.Goetynck@xxxxxxx
> > Business Solutions Builders        website : http://www.bsb.com
> > Place de l'université, 25                         B-1348 Louvain-la-Neuve
> > Belgium
> > Phone : +32 (0)10 48.34.93                          Fax : +32 (0)10 48.34.99
> > ________________________________________________
> >
> >
> >
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > jim@xxxxxxxxxxxx
> > To unsubscribe send a blank email to $subst('Email.Unsub')
> >
> > ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*
> >
> > All mail from this domain is virus-scanned with RAV.
> > www.ravantivirus.com
> >
> > ^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*^*
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > etienne.goetynck@xxxxxxx
> > To unsubscribe send a blank email to $subst('Email.Unsub')
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> etienne.goetynck@xxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Domain authentication problem
• » Re: Domain authentication problem
• » Re: Domain authentication problem
• » Re: Domain authentication problem
• » Re: Domain authentication problem
• » Re: Domain authentication problem
• » Re: Domain authentication problem

1. Home
2. isalist
3. Archive
4. 09-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---