 Re: LDAP authentication
For SSO you should consider using 2 factor (strong) authentication, rather than just AD. More so when you use SSO and "from outside the network" in the same sentence.
Rambling on, you should also make sure that FW-1 and AD are using 636 to communicate (and not 389 like many ppl use) so that it's encrypted. Never did this on 2003 nor with the latest FW-1 versions, so I can't help there. |