0

Is there any problem or pitfall including ISA server into domain after ISA was installed and configured and worked for a while?

All the rules at the moment are based upon IP addresses, All Users.

Addendum 1

ISA is an edge firewall, so it is connected to one Internal network (this is where domain is) and to the Internet provider (External Network).

Addendum 2

I'm absolutely sure ISA should be a member of the domain.

Anthony Serdyukov
  • 123
  • 6

2 Answers2

0

Far too many variables to answer this question properly without a lot more detail about your particular configuration.

Adding an ISA server in a 2(plus)-leg configuration will almost certainly lead to issues unless you do it in a controlled manner and schedule down-time. But adding an ISA server in a single-leg configuration will not impact the network, until you begin pointing clients to the server.

Chris Thorpe
  • 9,953
  • 23
  • 33
0

There are pro's and con's of both setups..

Is it "problem-free" - well, that depends on what kind of problems you are looking for.. :)

Lately, I've swung more in joining it to the domain but that's just me and the requirements we have at my current work. Your needs may be different depending on the requirements and roles you have defined at your place of employment.

The argument for joining the domain is made by Thomas Shinder here: http://www.isaserver.org/tutorials/Debunking-Myth-that-ISA-Firewall-Should-Not-Domain-Member.html

Rex
  • 7,895
  • 3
  • 29
  • 45
  • Thanks, @Rex, for your reply. However, you've misunderstood the core of my question. I'm absolutely sure ISA should be included into domain. But I wonder is there any problems including it into domain **after ISA was installed and set up**. I'll reflect this in the question now. – Anthony Serdyukov Apr 14 '10 at 11:10