I'm looking at building an site that authenticates users against AD of my company.
I've already created something that works internally, but I'd also like the users to be able to authenticate externally - from outside the network over the internet. using any pc or even mobiles. Obviously only people within the company should be able to access it.
I just need a few guidelines for what I'll need to bare in mind for such a project..
- Use forms authentication
- Use ADMembershipProvider
- Host site on network with AD
How do I make it visible externally? what security implications are there? what needs to be done on the server?
There is no special requirements for the AD usage, normal security requirements apply - enforce HTTPS on the login page, for start.
I guess your server is in the DMZ, so just make sure it can see AD from there.