I've tested some features. And is working well. Some customers use this 'solution', because the don't have a lot of options($$). I know, *is not a* best practice,* there is some security questions* (*I could say a lot of*) about it, I can find more problems ahead, but *it works*. Unfortunately we can't install dc on the pix, but we can build one ( http://www.packetattack.com/frankenpix.html for more information). Some times we have to think out of the box.... Cheers, Denis On 12/8/05, Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote: > > http://www.ISAserver.org <http://www.isaserver.org/> > You just think you did. There are many and varied surprizes awaiting you, > which will present themselves as security issues or impossible to solve > "weird" problems. Put the DC on the PIX. > > * > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://spaces.msn.com/members/drisa/ > * > *Book: **http://tinyurl.com/3xqb7* <http://tinyurl.com/3xqb7> > *MVP -- ISA Firewalls > ****Who is John Galt?***** > > ------------------------------ > *From:* Denis Page [mailto:pagemontreal@xxxxxxxxx] > *Sent:* Thursday, December 08, 2005 8:46 AM > *To:* [ISAserver.org Discussion List] > *Subject:* [isalist] Re: AD and ISA in the same machine > > > http://www.ISAserver.org <http://www.isaserver.org/> I'm testing a > branch office solution. The customer *DON'T* have more than 1 server in > branch. > I solve the problem. Thanks anyway. > > > > On 12/8/05, Jim Harrison <Jim@xxxxxxxxxxxx> wrote: > > > > http://www.ISAserver.org <http://www.isaserver.org/> > > > > One Acronym - DCOM. > > Take > > ISA > > Off > > The > > DC > > > > -------------------------------------------- > > Jim Harrison > > MCP(NT4, W2K), A+, Network+, PCG > > http://isaserver.org/Jim_Harrison/ > > http://isatools.org > > Read the help / books / articles! > > -------------------------------------------- > > > > -----Original Message----- > > From: Denis Page [mailto:pagemontreal@xxxxxxxxx ] > > Sent: Wednesday, December 07, 2005 6:59 PM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] Re: AD and ISA in the same machine > > > > http://www.ISAserver.org <http://www.isaserver.org/> > > Yes. I've installed in a DC. To test some features with AD groups and > > users. > > I could install more computers, but can I use isa server and DC in a > > same machine? > > I'd like to know what can I do to leave the authentication ports open on > > > > ISA/DC Server. > > > > > > > > On 12/8/05, Thor (Hammer of God) <thor@xxxxxxxxxxxxxxx> wrote: > > > > http://www.ISAserver.org <http://www.isaserver.org/> > > > > Just to make sure I understand-- You've installed ISA 2004 on a > > domain > > controller? > > > > If so, uninstall ISA from your DC. ISA serves a completely > > different > > function than a DC. That's like marrying a hooker. > > > > To test, install on a dedicated box or in a VM. > > > > t > > > > > > ----- > > "And yet, even if one person finds his way... that means > > there is a Way. Even if I personally fail to reach it." > > > > Mr. Nobusuke Tagomi > > Top Place, Ranking Imperial Trade Mission > > Pacific States of America > > > > ----- Original Message ----- > > From: "Denis Page" < pagemontreal@xxxxxxxxx> > > To: "[ISAserver.org Discussion List]" < isalist@xxxxxxxxxxxxx > > <mailto:isalist@xxxxxxxxxxxxx > > > > Sent: Wednesday, December 07, 2005 6:25 PM > > Subject: [isalist] AD and ISA in the same machine > > > > > > http://www.ISAserver.org <http://www.isaserver.org/> > > > > Hi, > > > > I've installed ISA Server 2004 STD in a AD machine (to test some > > features). > > After the Install ISA server in DC, the clients don't > > authenticate > > anymore (can't log in domain). > > I've created an access rule with the logon ports (internal to > > localhost) > > but it doesn't work. > > Can anyone help me? > > > > Tnks > > > > > > ------------------------------------------------------ > > List Archives: > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: > > http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: > > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion > > List as: > > thor@xxxxxxxxxxxxxxx > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > <http://www.webelists.com/cgi/lyris.pl?enter=isalist> > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > ------------------------------------------------------ > > List Archives: > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: > > http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: > > http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion > > List as: pagemontreal@xxxxxxxxx > > To unsubscribe visit > > http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > > ------------------------------------------------------ List Archives: > > http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server > > Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server > > FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ Visit > > TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ You are currently > > > > subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To > > unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > All mail to and from this domain is GFI-scanned. > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > > pagemontreal@xxxxxxxxx > > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > > > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > ------------------------------------------------------ List Archives: > http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: > http://www.isaserver.org/pages/larticle.asp?type=FAQ------------------------------------------------------ > Visit > TechGenix.com for more information about our other sites: > http://www.techgenix.com------------------------------------------------------ > You are currently > subscribed to this ISAserver.org Discussion List as: > tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to > listadmin@xxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > pagemontreal@xxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx >