[thelist] webserver inside domain or outside domain

Chris W. Parker cparker at swatgear.com
Mon Feb 10 14:40:29 CST 2003


hi.

i've got a few related questions in here so i'll try to lay them out as
best i can.

1. what are some guidelines to go by when trying to determine if a
webserver should be a part of a corporate domain or not? (we only have
one domain, and one webserver, all are win2k based machines.)

2. if i have Anonymous Access turned off (using IIS5) and have an
intranet site that is apart of the domain, will the clients
automagically log in by passing their credentials to the server? i
imagine that when the webserver is joined to the domain the clients will
automatically pass their credentials to the server thus bypassing the
log in box.

the reason i want to do this is so i can access their username from
within my .asp pages to do some simple security checking. we have a
small number of users on our intranet and i'd like to restrict access to
certain pages based on the user.

i really don't want to force people to log in twice and possibly
maintain two separate accounts (because they would have a domain user
and a webserver user.)

what sort of things security wise should i be aware of if i join the
server to the domain?

thanks,
chris.



More information about the thelist mailing list