Forefront Edge Security TechCenter >
Forefront Edge Security Forums
>
Forefront Edge Security Virtual Private Networks
>
LDAP Integration Setup
LDAP Integration Setup
- We are trying to setup a new ISA server in our DMZ that will not be a domain member, but rather will authenticate VPN users against the domain via LDAP. I believe we have all of the LDAP settings correct, and have verified connectivity to the domain server using LDP.exe (as well as a connectivity verifier). However, when we go to the Groups tab in the VPN Client Properties dialouge box and try to add a new group from the domain, we are only given the choice to add groups from the local machine...as if it does not see the domain server.
Does anyone have any setup or troubleshooting tips around this problem?
Thanks in advance.
Stephen
Stephen Stark
Answers
- Hi, Stephen
AFAIK, you cannot use LDAP authentication for VPN (only on web listeners) on ISA Server 2006.
Without ISA server domain membership you have to configure RADIUS (IAS) server, which can authenticate domain users.
Dawid- Proposed As Answer byNick Gu - MSFTMSFT, ModeratorThursday, July 30, 2009 2:27 AM
- Marked As Answer byNick Gu - MSFTMSFT, ModeratorMonday, August 03, 2009 1:52 AM
All Replies
- Hi, Stephen
AFAIK, you cannot use LDAP authentication for VPN (only on web listeners) on ISA Server 2006.
Without ISA server domain membership you have to configure RADIUS (IAS) server, which can authenticate domain users.
Dawid- Proposed As Answer byNick Gu - MSFTMSFT, ModeratorThursday, July 30, 2009 2:27 AM
- Marked As Answer byNick Gu - MSFTMSFT, ModeratorMonday, August 03, 2009 1:52 AM
- Dawid,
Thanks for the feedback.
Stephen
Stephen Stark
