Security Basics mailing list archives
Re: re: Microsoft Active Directory security concerns
From: adam.dawson () glowrm com
Date: 14 Jun 2006 16:13:58 -0000
Dave Exposing your AD to external attack is certainly not a good idea as you intimate. Is it really necessary for the external user base to be managed within your internal AD or are your developers just keen to use AD as they can integrate with it simply? If so, I would conosider suggesting that they use a feature called Active Directory Application Mode (ADAM), this allow you to extend a customised AD service to external users without compromising the internal AD. I believe that ADAM offers improved ways of synchronising with your main forest over LDAP or other directory services. Also as ADAM operates as a non-operating-system service, it doesn't require domain controllers, cutting down on the amount of infrastructure required. Best wishes, Adam Dawson
Current thread:
- Microsoft Active Directory security concerns DHegenbarth (Jun 13)
- Re: Microsoft Active Directory security concerns Saqib Ali (Jun 13)
- RE: Microsoft Active Directory security concerns Jason Dinsdale (Jun 27)
- <Possible follow-ups>
- re: Microsoft Active Directory security concerns T Dog (Jun 13)
- RE: Microsoft Active Directory security concerns Robertson, Seth (JSC-IM) (Jun 13)
- RE: Microsoft Active Directory security concerns Ramsdell, Scott (Jun 13)
- RE: Microsoft Active Directory security concerns Depp, Dennis M. (Jun 14)
- Re: re: Microsoft Active Directory security concerns adam . dawson (Jun 14)
- Re: Microsoft Active Directory security concerns simonis (Jun 15)