I'll elaborate. That advice is wrong. The rest is just words. HTH, Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://spaces.msn.com/members/drisa/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: Danny [mailto:nocmonkey@xxxxxxxxx] > Sent: Tuesday, September 27, 2005 7:55 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: 2000 to 2004 Possible Upgrade > Scenarios with Seperate ISA AD Forest > > http://www.ISAserver.org > > On 9/27/05, Jim Harrison <Jim@xxxxxxxxxxxx> wrote: > > First bad assumption - don't build your forest structure > around ISA - > > build ISA into the forest structure. Design your AD before > you worry > > about your edge. > > I should have mentioned that I came across this document > before posting: > > http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/sec > urityhardeningguide.mspx > > "Determining Domain Membership > > In many cases, you may want to set up the ISA Server computer as a > member of a domain. For example, if you will create a policy that > relies on domain user authentication, ISA Server should belong to a > domain. > > If the ISA Server computer is protecting the edge of your network, we > recommend that you install it in a separate forest (rather than in the > internal forest of your corporate network). ..." > > Can you please elaborate, Jim? > > > You can adapt the ISA deployment to that later. > > Good point. On the same token, I want to focus on doing it right the > first time. > > Much appreciated, > > ...D > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion > List as: tshinder@xxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx > >