Security Basics mailing list archives

DMZ and AD Authentication

From: <Geoff.Shatz () pchelps com>
Date: Fri, 12 Dec 2003 10:32:46 -0500

We are in a situation where we are currently planning the move of our web server from an externally hosted solution to 
hosting the web server in house. As part of this move we will be implementing a new internal application that will run 
on the web server that will require authentication based on Active Directory account info. Obviously this will require 
that the web server has the ability to communicate with the AD domain controllers. That being the case will it still be 
possible to place this web server on a DMZ or will the amount of open ports required between the DMZ and LAN for the 
required authentication process severely mitigate the benefits of placing the server in the DMZ in the first place? Any 
and all suggestions and or strategies to accomplish this in the most secure fashion are welcome and appreciated. Thanks!

Geoff

---------------------------------------------------------------------------
----------------------------------------------------------------------------

Current thread:

DMZ and AD Authentication Geoff.Shatz (Dec 12)
- <Possible follow-ups>
- RE: DMZ and AD Authentication Shawn Jackson (Dec 15)
  - RE: DMZ and AD Authentication jamesworld (Dec 16)
    - RE: DMZ and AD Authentication JM (Dec 16)
- Re: DMZ and AD Authentication Mitchell Rowton (Dec 15)
- RE: DMZ and AD Authentication Rademacher Sgt Roger P (Dec 16)
- RE: DMZ and AD Authentication Shawn Jackson (Dec 17)
- RE: DMZ and AD Authentication jamesworld (Dec 17)