Website & AD Authentication

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Our web developer want employees to be able to use their Active Directory
credentials to login to the Employees Only section of our internet website.
The website is hosted off-site and there is no restriction on who could make
an attempt to access the employee section of the site.

It has been proposed that a firewall exception be created allowing a single
IP (the off-site host) to access Active Directory. My initial reaction is
"no way". How much of a security threat is this?
 
That's an interesting question, but I doubt you'll get an answer here. This
newsgroup is for questions relating to security in Access, the database
development component of Microsoft Office.

You might like to try another newsgroup - either
microsoft.public.inetserver.iis.security
or
microsoft.public.windows.server.security
 
Thank you.

Graham Mandeno said:
That's an interesting question, but I doubt you'll get an answer here. This
newsgroup is for questions relating to security in Access, the database
development component of Microsoft Office.

You might like to try another newsgroup - either
microsoft.public.inetserver.iis.security
or
microsoft.public.windows.server.security
--
Good Luck!

Graham Mandeno [Access MVP]
Auckland, New Zealand

Taylor said:
Our web developer want employees to be able to use their Active Directory
credentials to login to the Employees Only section of our internet
website.
The website is hosted off-site and there is no restriction on who could
make
an attempt to access the employee section of the site.

It has been proposed that a firewall exception be created allowing a
single
IP (the off-site host) to access Active Directory. My initial reaction is
"no way". How much of a security threat is this?
Click to expand...
Click to expand...
 
Taylor said:
Our web developer want employees to be able to use their Active Directory
credentials to login to the Employees Only section of our internet website.
The website is hosted off-site and there is no restriction on who could make
an attempt to access the employee section of the site.

It has been proposed that a firewall exception be created allowing a single
IP (the off-site host) to access Active Directory. My initial reaction is
"no way". How much of a security threat is this?
Click to expand...

It's designed to work that way. Not all companies have all their employees
at the one site. Microsoft, for example, has Active Directory servers
located
around the world, connected to each other. Microsoft also uses firewalls,
and the servers communicate with each other through the firewalls.

There are several different ways of authenticating against a remote server,
and perhaps you should find out more about what your developers have
in mind? I myself authenticate against a remote AD server frequently: I need
to do so whenever I open a VPN.
 
Back
Top