<Alan@discussions.microsoft.com> wrote:

>I have been tasked with moving our current FTP server into a DMZ. Currently
>the FTP server is setup on a member server in our domain and we use security
>groups in Active Directory to restrict access to certain folders in the FTP
>site. We do not allow anonymouse access.
>
>My question is how do I configure a new server in the DMZ that would still
>allow for the security groups to work? We would still need the users to
>login with thier domain accounts.
>
>I would appreciate any info you could give me.

"Alan" <Alan@discussions.microsoft.com> wrote in message
news:EC733EB6-79EB-4BE4-BEF5-C7192B4D451C@microsoft.com...
> Jeff,
> Does that open up security risks that the DMZ would normally eliminate?
>
> Should the FTP server be a stand alone server (workgroup) or would you set
> it up as a member server in the domain?
>
> Thanks for your help,
> Alan
>
> "Jeff Cochran" wrote:
>
>> On Tue, 12 Sep 2006 09:52:01 -0700, Alan
>> <Alan@discussions.microsoft.com> wrote:
>>
>> >I have been tasked with moving our current FTP server into a DMZ.
>> >Currently
>> >the FTP server is setup on a member server in our domain and we use
>> >security
>> >groups in Active Directory to restrict access to certain folders in the
>> >FTP
>> >site. We do not allow anonymouse access.
>> >
>> >My question is how do I configure a new server in the DMZ that would
>> >still
>> >allow for the security groups to work? We would still need the users to
>> >login with thier domain accounts.
>> >
>> >I would appreciate any info you could give me.
>>
>> Configure your firewall to pass AD authentication between the DMZ and
>> LAN. See your firewall docs and an AD group for help there.
>>
>> Jeff
>>