Ok, so I have to have 2 servers, one as the DC and one the Web edition? So I'm assuming the Web edition would be the one that serves up the actual web interface. Now I'm kinda confused on how having that makes it so I don't need user CALs for authentication. Wouldn't the authentication still go back and hit the DC?
Joe Heaton -----Original Message----- From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Friday, May 16, 2008 12:30 PM To: NT System Admin Issues Subject: RE: Client licenses for web apps (was: AD in the DMZ) A common misconception - Web Edition can be a member server in A/D, it simply cannot be a DC. Yeah, I'm getting old. The Windows 2000 wording is the wording that I remember. Regards, Michael B. Smith MCSE/Exchange MVP http://TheEssentialExchange.com -----Original Message----- From: Ben Scott [mailto:[EMAIL PROTECTED] Sent: Friday, May 16, 2008 3:16 PM To: NT System Admin Issues Subject: Re: Client licenses for web apps (was: AD in the DMZ) On Fri, May 16, 2008 at 10:19 AM, Michael B. Smith <[EMAIL PROTECTED]> wrote: > Thanks for that update. That's a change, but you are correct. The Windows 2003 EULA has similar wording, although it's not quite as clear: "... you must acquire a Windows CAL for each individual person ("User") or Device that accesses or uses the Server Software, whether directly or through a Multiplexing Service ... you do not need to acquire a Windows CAL for any User or Device that accesses the Server Software solely through the Internet and is not authenticated or otherwise individually distinguished by the Server Software or a Multiplexing Service..." http://www.microsoft.com/windowsserver2003/eulas/default.mspx The "and is not authenticated or individually distinguished" part makes me think you need a CAL (or ECL) for every user who has an account, regardless of how you do your authentication. The Windows 2000 EULA is much less clear: "A CAL is required for each Device that is used by an 'Authenticated User' or that uses 'Windows 2000 Server Services' regardless of what software you use." It goes on to define "Windows 2000 Server Services", and does not list IIS. This leads me to believe that if you roll-your-own web authentication system and run it on Windows 2000, you don't need CALs. But Windows 2000 is fast approaching end-of-life. > Therefore, your internet facing webservers should all be running Web > Edition, is the message I read. Certainly, that's the most cost-effective approach. This would rule out the use of Active Directory for authentication of web users (without needing a client license for each), right? Because Web Server Edition doesn't support AD, right? -- Ben ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
