I have a DMZ web server hosting the ASP.NET Extranet application. I want users to authenticate in this application using the same user and password that they use in their Windows at work. (we use Active Directory)
I want to know that the best way - the safest way - is to connect from the DMZ web server to Active Directory.
So far I have seen two possibilities:
- RODC
- LDAP over SSL (LDAPS)
Is there any other option you recommend? What other options should I consider? Any restriction or potential problems with any of these solutions?
source
share