I am a programmer asking sysadmins for some help. I have a WordPress system (a website) that validates users through an Active Directory; this is done by a plugin.

My customer wants to protect that AD with a TMG gateway. I'm reading about TMG and for me it's like reading Chinese (I don't understand Chinese), but what I understand is that it is more a server configuration issue than programming; as I understand it, a sysadmin should configure the LDAP server to be protected by this TMG gateway. So, no programming is required as this should be transparent to external connections.

Is this right? I mean, I'd like to be sure before telling my customer there's no programming task needed.

Thank you

user761076

1 Answer

It sounds like your AD LDAP service is exposed to the internet, which is generally a BAD thing to do as it is a fairly big security risk.

TMG Forefront is a firewall that can protect your AD server by "publishing" only the services you want and only to a list of restricted IP addresses, e.g. your WordPress server.

The only "programming" you would need to do is:

- install and configure the TMG Server (a big task!!)
- change your AD server to be on a local network rather than an external network
- change your WordPress server to point to the TMG server rather than your AD server.

The above is a huge simplification of what is probably a fairly major change to your architecture.

Phil