|
Home > Archive > IIS Server Security > August 2006 > Suggestions on what I need to get going (AD, ASP.Net, domain logins, etc)
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Suggestions on what I need to get going (AD, ASP.Net, domain logins, etc)
|
|
| JackBlack 2006-08-21, 1:32 pm |
| Hi, all! Going over lots of documents on ADAM and authentication and such,
and I'm curious where I have to start to get going building a new intranet
that'll take advantage of domain logins, access to Exchange public folders,
and casual traversal of AD (directory-type application). My infrastructure
is essentially Win2k3 R2 web server(s) running ASP.Net (VB code-behind)
application(s), SQL 2k5, Exchange 2k3, all as domain members (web servers
are NOT installed on domain controllers or SQL servers).
#1: Do I need to concentrate on Kerberos delegation, since the web server
will be accessing separate SQL, Exchange, and AD machines? Or can I get
away with using a simpler method (such as dedicated secured accounts for the
web server)?
#2: Should I be considering getting ADAM implemented on my domain
controllers? IF so, what are the ramifications of doing so on existing
domain controllers (2k3)? If not, what work-arounds do I need to implement
to make sure the secure application functions the way I need is to (vis a
vis, AD traversal, Exchange folders, etc)?
Suggestions welcome, of course! Thanks!
Jack
|
|
|
|
|