Windows AD accounts for visitors and parents ?

  • Thread starter Thread starter Marlon Brown
  • Start date Start date
M

Marlon Brown

We are a public educational instution, single Win2000 AD domain.

I have a requirement to let parents and 'visitors' access Sharepoint content
in our network.
Question here:
What system should be able to let visitors create accounts and access
information in our system ? Do I have to rely in AD for this ? I strongly
believe there must be a cleaner and more secure way to handle this than just
creating and maintaning AD accounts to these parents...
 
Yes, setup a RADIUS server to handle authentication. But that will involve
more hardware and $$$$.
But why do you think AD can not handle it? Are these "Guest" accessing your
system through the Internet or using your Workstations?
 
They would come logging from their workstations, from home. Also, I would be
inclined to put a system in place to let them handle/reset passwords (in
case they forget their credentials). I imagine I would create a separate
domain for this type of users, instead of using my existing staff domain ?

Do you know if there is any 'package' that can let users handle expired
passwords based on phrases ? I have an idea on how to build one, but I just
don't want to reinvent the wheel if a system like this is already out there.
 
And if you really think that RADIUS is the solution, then you can use the
implementation that is built into the Windows Server. Install the IAS (not
ISA) component and turn RADIUS on.
 
In fact I have ACS doing RADIUS in our internal network already, so if I can
I wouldn't setup IAS.
I meant, I could publish the sharepoint site using ISA 2004 and let ISA 2004
do pre-authentication via RADIUS against our AD domain.
 
Back
Top