Студопедия

Главная страница Случайная страница

КАТЕГОРИИ:

АвтомобилиАстрономияБиологияГеографияДом и садДругие языкиДругоеИнформатикаИсторияКультураЛитератураЛогикаМатематикаМедицинаМеталлургияМеханикаОбразованиеОхрана трудаПедагогикаПолитикаПравоПсихологияРелигияРиторикаСоциологияСпортСтроительствоТехнологияТуризмФизикаФилософияФинансыХимияЧерчениеЭкологияЭкономикаЭлектроника






AD DS models for the perimeter network






After you evaluate the considerations for deploying AD DS in your perimeter network, you can choose one or more of the following AD DS models.

After you read this guide, you may find that there is no benefit in including AD DS in your perimeter network or that other software or tools can provide all the benefits. If this is the case, it is possible that the best option is to not include AD DS in your perimeter network.

 

Figure 1 Perimeter model with no AD DS

No AD DS

One solution that you can implement in the perimeter network does not use AD DS. It uses the local server's Security Accounts Manager (SAM) database to authenticate corporate-network-owned identities. This solution, as shown in Figure 1, has the disadvantage of becoming very difficult to manage—even when there is a low number of users that are granted access to the server’s resources—because you must manage the appropriate identities on several local SAMs. Another disadvantage is that more modern authentication methods, such as the Kerberos protocol or certificates, are not available for local SAM authentication.

In addition, this solution has the limitation of not being able to share identities between the servers. It also has a limitation on the number of users that can be stored locally. Duplication of identities across different databases increases the solution’s total cost of ownership (TCO) and decreases the customer experience as a result of a lack of single-sign-on (SSO) functionality.


Поделиться с друзьями:

mylektsii.su - Мои Лекции - 2015-2024 год. (0.006 сек.)Все материалы представленные на сайте исключительно с целью ознакомления читателями и не преследуют коммерческих целей или нарушение авторских прав Пожаловаться на материал