|
sponsored links |
|
|
sponsored links
|
|
1
25th April 03:40
External User
Posts: 1
|
Windows 2000 AD and AD/AM
I need to provide users external to my company access to a sharepoint portal
server site and do not want to put these accounts in to AD giving them network privlidges. I have been reading about AD/AM and was wondering if this would be a good option. How would you set up sharepoint to reference AD and AD/AM to authenticate users to the site? Does this require setting up a one way trust between AD and AD/AM or is there another way? I have looked in AD Domains and Trusts and don't see a way to establish this becuase AD/AM is not a full blown domain. Any help of suggestions would be great!! Tom |
|
|
|
2
25th April 03:40
External User
Posts: 1
|
Windows 2000 AD and AD/AM
Hi Tom,
This is something I have been looking at as well but I don't think (and I open to correction) it is possible to use SharePoint with ADAM. Firstly if you look at ADAM and what it is not: a.. It is not usable by Server Applications (i.e. Exchange 2000) a.. Require security principals b.. Require MAPI protocol support b.. It is not a Windows logon server c.. It does not remove the need for the NOS Active Directory! An ADAM user is not a Window's User Principal which SharePoint requires for authentication. I would love to be told I am wrong here as I too would like to remove AD from our project as I don't like the idea of a web user having a full blown network account in the AD. |
|
|
|
3
25th April 03:41
External User
Posts: 1
|
Windows 2000 AD and AD/AM
John,
Thanks for the response. I was afraid that was going to be the answer. Since last night I ran accross a microsoft white paper that describes the SPSv2 and an extranet deployment guide. I am afraid that the scenario that you and I are looking at requires that you set up another domain that trusts your primary domain. Then your primary domain AD user data is replicated to the DMZ domain. External user data is entered straight into the dmz domain. This is a huge summation of the contents of this whitepaper. I will email the whole thing to you so you can have a better understanding. Thanks, Tom |
|
|
|
4
4th May 11:33
External User
Posts: 1
|
Windows 2000 AD and AD/AM
ADAM is best used in the application developement area where programmers donot have to have an AD present in order to test their
applications developed using AD functionalities. ADAM can be installed on any XP workstations. An XP box can host multiple instances of ADAM. You may look into one of the following solutions: 1. One single AD account with a proper "role" to handle extranet users. Or 2. Create a separate Forest for these users. #2 is best in term of security but the cost to maintain a separate forest may be your concern. For your Security: No-No, a thousand No, I would not grant AD access to my internal AD system. How about TRUST ? No, no trust to external users unless you do know them well. John |
|
|
Linear Mode
