Hmmm.. replication problems ? Such as ? And you prefer users not being able to have domain functionality if the VPN link goes down ? How are you building that VPN, btw ? Trust us, make the ISA 2004 a domain member. It'll do the dishes, cuddle your cats, vacuum and mow the lawn without a complaint. Read the articles on the website, get Tom's book (shame on you for not having it yet!) and then, like we all do, send him a big, no, make that huge, box of muffins and donuts with all your love and cuddles for making your life so much easier. Make it a member. Come on. You know you want to. I've done it tons of times, and it's perfectly safe. Regards, Paul. -----Original Message----- From: cerebro [mailto:cerebro@xxxxxxxxxxxxxxxxx] Sent: woensdag 1 juni 2005 14:11 To: [ISAserver.org Discussion List] Subject: [isalist] RE: FBA question http://www.ISAserver.org Hi Tom, I have: Site1 (LAN) -->(VPN)<-- Site2 Domain XXX External DNS Server, etc. AD 2003 1 AD Domain Controller XXX, but will be removed soon Exchange 2003 <------ ISA Server 2004 ( not member ) I read that is better Isa works as stand alone server. Mi idea was haven't any DC on Site2 to prevent replication problems,etc., if is possible. Sorry -----Mensaje original----- De: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Enviado el: miércoles, 01 de junio de 2005 13:56 Para: [ISAserver.org Discussion List] Asunto: [isalist] RE: FBA question http://www.ISAserver.org Hi Cerebro, What security issues are you concerned about? I've been using ISA firewalls as domain members and its never been a security issue, and NO ONE has ever proven or demonstrated a *real* security issue that can actually be carried out with this configuration. Do not worry, join the ISA firewall to the domain if you have one. Now, if you don't have a DC, how are users authenticating? You must have a domain, otherwise there would be no Exchange Server. Thanks! Tom www.isaserver.org/shinder Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 MVP -- ISA Firewalls -----Original Message----- From: cerebro [mailto:cerebro@xxxxxxxxxxxxxxxxx] Sent: Wednesday, June 01, 2005 6:53 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: FBA question http://www.ISAserver.org Hi Tom, there is no another solution? The Isa Server is in another Site without AD Controllers, and working as firewall, the security worries to me. -----Mensaje original----- De: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Enviado el: miércoles, 01 de junio de 2005 13:46 Para: [ISAserver.org Discussion List] Asunto: [isalist] RE: FBA question http://www.ISAserver.org Join the ISA firewall to the domain. You should have done that already! HTH, Tom www.isaserver.org/shinder <http://www.isaserver.org/shinder> Tom and Deb Shinder's Configuring ISA Server 2004 http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls ________________________________ From: cerebro [mailto:cerebro@xxxxxxxxxxxxxxxxx] Sent: Wednesday, June 01, 2005 6:42 AM To: [ISAserver.org Discussion List] Subject: [isalist] FBA question http://www.ISAserver.org Hi, I have Exchange 2003; ISA 2004 Server is doing the FBA for OWA with SSL. But users can't logon, ISA 2004 Server is not a member domain. Can anyone tell me what I'm doing wrong? ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cerebro@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: cerebro@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: paul.van.geldrop@xxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.