Hi Folks.
I’m contemplating making my IIS server (2 nics, public & private) a member server so our in-house clients can do AD integrated authentication. In other words, setup an Intranet! We’d like the clients to authenticate automatically upon connecting, without using cookies. (I’ve got my reasons!) Obviously on the Intranet, anonymous connection will be disabled.
However, the public web site would also reside on the same machine, using anonymous connectivity.
What security concerns would there be about having a member server act as an ‘anonymous’ IIS server thtough it’s public IP Address… I’m worried about possible hackers attacking my AD through the web site….
Thoughts?
