Sharing access to WSS 3.0 sites and documents with users of non-trusted domains? RRS feed

  • Question

  • We have a WSS 3.0 web site used primarily for sharing documents with business partners who do not work for our company.

    Our internal users also use it but normally just use internal network file shares if they aren't planning to share the documents with external users.

    Each business partner's company has a sub site within our main WSS site and documents are uploaded to that section of the site if we want to share documents with employees of that company. 

    Since we use AD for authentication, to make this work, we create AD user accounts for each external user and add them to a security group that gives them access to only their company's subsite on the main site.  

    We have to maintain their passwords, reset them and delete/disable them when that person no longer needs access.  Each business partner has a limit on the number of users who can get one of our AD accounts due to limits on the number of CALs available to them.  It is messy because these users often forget their passwords since they aren't using these accounts every day.  

    Is there a better way to do this so that we no longer have create and maintain user accounts for external users other than having to do a domain trust with all these other domains?

    I have heard of ADFS, but does this work with WSS 3.0 and will it allow us to still control which sites and documents the external company users can access if we are not creating and managing the accounts and adding them to the correct security groups ourselves?

    Sunday, December 7, 2014 3:57 AM