Hi, your domain controller has not to be necessarily accessible from the internet. there has to be a connection somehow between iis and the dc - thats right.
the rest ist the work of your screening router/firewall. but i agree - digest authentication does not bring enough benefits for these configuration changes and security implications. greets dominick ernw -----Ursprüngliche Nachricht----- Von: dotnet discussion [mailto:[EMAIL PROTECTED]]Im Auftrag von Henk de Koning Gesendet: Samstag, 27. April 2002 23:04 An: [EMAIL PROTECTED] Betreff: Re: [DOTNET] AW: [DOTNET] Windows authentication and Netscape > Hi, > thats not right - IIS has to be a domain member - not controller - however > you have to specify "use reversible hash" in Active Directory which poses a > possible security risk. > Duh. Sure, please read this as "installed in a domain". My bad. The point stays though that you don't want your domain controller accessible from the internet. -- Henkk You can read messages from the DOTNET archive, unsubscribe from DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com. You can read messages from the DOTNET archive, unsubscribe from DOTNET, or subscribe to other DevelopMentor lists at http://discuss.develop.com.
