LDAP authentication is similar to Active Directory authentication, except that the ISA Server computer does not have to be a member of the domain. ISA Server 2006 connects to a configured LDAP server over the LDAP protocol to authenticate the user. Every Windows domain controller is also an LDAP server, by default, with no additional configuration changes required. By using LDAP authentication, you get the following benefits:
ISA Server 2006 Standard Edition server or ISA Server 2006 Enterprise Edition array members in workgroup mode. When ISA Server is installed in a perimeter network, you no longer need to open all of the ports required for domain membership.
Authentication of users in a domain with which there is no trust relationship.
In this section you will do the following:
Create an LDAP Server Set
Create an LDAP User Set
For more information about LDAP Configuration, see Appendix B of the Secure Application Publication article on Microsoft TechNet. http://www.microsoft.com/technet/isa/2006/secure_web_publishing.mspx#AppendixB
Select CorpLDAP, the LDAP server set from the drop-down list.
Select All Users in this namespace.
You can also specify user groups or specific user accounts if you do not want all users to be part of this LDAP user set.
Completing the New User Set Wizard
Click Back to make changes and Finish to complete the wizard.
1. Click the Apply button in the details pane to save the changes and update the configuration.
Set the Idle Session Timeout for All Firewalls and Network Appliances to 1800 seconds
In this step, you will modify the idle session timeout time on all firewalls, proxy servers, and other network appliances to accommodate the time required for successful function of the direct push technology.
The default idle session timeout in ISA Server 2006 is 1800 seconds, so you should not need to modify it.
For more information about modifying the idle session timeout time, see "Configuring your Firewall for Optimal Direct Push Performance in the Best Practices for Deploying a Mobile Messaging Solution section in this document.