« Previous Next »

• 10-26-2009, 6:19 PM

  Gigatt Joined on 10-26-2009, 6:09 PM Posts 2

  Adding web server to domain Reply Contact Hi,  I have a general security question for you experts out there. Bear with me as I give you some background information.  We have an active directory domain which is used to host multiple clients.  It includes terminal services, exchange, etc. and users log in using an alternative UPN suffix so that it looks like it belongs just to them. We are about to implement a IIS 7 web server that hosts a couple different CMS's and our users won't necessarily be logging into this server.  It will just be a standard webserver to provide information for our client's customers via anonymous access. My question is... Is it best practice to keep this web server in a workgroup and not add it to the active directory domain?  I would like to add it to the domain in order to manage the actual server better but someone told me that it would a security hole for AD if I did.  Any comments on this would be greatly appreciated.

  Tags: IIS 7 in domain

• 10-26-2009, 7:55 PM

  In reply to

  lextm Joined on 10-22-2008, 4:18 AM Shanghai, PRC Posts 1,433	Re: Adding web server to domain Reply Contact For security reasons, IIS should not be installed on domain controllers. http://support.microsoft.com/kb/332097 Joining an IIS server into AD is not, and so many users use it this way. Lex Li Support Engineer at Microsoft --------------------------- This posting is provided "AS IS" with no warranties, and confers no rights.

• 10-27-2009, 3:18 PM

  In reply to

  Gigatt Joined on 10-26-2009, 6:09 PM Posts 2	Re: Adding web server to domain Reply Contact Here's the thing, firewalls and "edge" servers aren't added to the domain in case they are compromised.  Do/did IIS servers fall in this category?