Our website is moving from our internal servers to an external host. Users want to be able to log in to the external host using the same AD user/pass that they are used to. How do I get the external host to authenticate to AD?
From what I've been reading, we'll want to use LDAPS, and I can write a firewall rule to only allow incoming from the host's IP. But beyond that, I'm not sure how to set this up on our domain. Can anyone point me in the right direction?
There are multiple methods that can be used to make an external server or application authenticate to AD. LDAP is preferred if you want to do more than just authentication, like reading user-specific attributes stored in AD or what groups the user is a member of, etc.
LDAP is already enabled on all your DCs, and you need to enable LDAPS on one or more of your DCs that will be used by your website to authenticate.
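An added example, not part of the original thread: the web host's side of an LDAPS credential check, written with Python's standard library only, showing the simple bind on the wire, certificate validation against your own CA, and the refusal of empty passwords. The host name, CA file path and account name passed to `ldaps_authenticate` are placeholders you supply; the two sample responses are constructed.

```python
import socket
import ssl

def tlv(tag, value):
    """BER-encode one tag-length-value element."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + value

def read_tlv(buf, pos=0):
    """Decode one element; return (tag, value, offset after it)."""
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + n], pos + n

def bind_request(user, password, msg_id=1):
    """LDAPv3 simple BindRequest (RFC 4511 section 4.2)."""
    if not user or not password:
        # An empty password makes this an "unauthenticated bind" (RFC 4513),
        # which a directory server may answer with success.
        raise ValueError("empty user or password refused")
    body = (tlv(0x02, b"\x03") + tlv(0x04, user.encode())
            + tlv(0x80, password.encode()))
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + tlv(0x60, body))

def bind_result(response):
    """resultCode of a BindResponse: 0 success, 49 invalidCredentials."""
    _, msg, _ = read_tlv(response)
    _, _, pos = read_tlv(msg)            # skip messageID
    tag, op, _ = read_tlv(msg, pos)
    if tag != 0x61:
        raise ValueError("not a BindResponse")
    return int.from_bytes(read_tlv(op)[1], "big")

def ldaps_authenticate(host, user, password, ca_file, port=636):
    request = bind_request(user, password)
    # create_default_context enforces CERT_REQUIRED and hostname checking
    ctx = ssl.create_default_context(cafile=ca_file)
    with socket.create_connection((host, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            tls.sendall(request)
            return bind_result(tls.recv(4096)) == 0

SAMPLE_OK = bytes.fromhex("300c02010161070a010004000400")   # constructed: success
SAMPLE_BAD = bytes.fromhex("300c02010161070a013104000400")  # constructed: invalidCredentials
```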