R
RichardG
Hi,
I am working on a project where we need to make Project Server 2007
available to employees that might be either located on the internal network
or working remotely (and might move between the two). This means that
Project Server needs to be accessible from the internet as well as the
internal network. The internal network is segregated and there is no
connection to the internet from it, so internal users cannot access anything
on the internet.
My questions is: is it possible to set up Project Server so that it has two
web front end servers on separate networks? One would be in the internal
network (for internal users) and the other would be in the DMZ (for remote
users coming in via the internet). An added complication is that the
internal network’s domain controllers are not (and must not be) available to
the DMZ. There is a separate AD domain that can be used for authentication
in the DMZ, but there is no trust between this and the internal AD.
My current thinking is that the way to handle this would be to have
database, application, and one WFE server in the internal network and another
WFE server in the DMZ. I think the restriction with the AD controllers would
mean that we would have to use forms authentication.
Has anyone out there set up Project Server like this? Is it even possible?
Is there a better way?
Thanks,
Richard
I am working on a project where we need to make Project Server 2007
available to employees that might be either located on the internal network
or working remotely (and might move between the two). This means that
Project Server needs to be accessible from the internet as well as the
internal network. The internal network is segregated and there is no
connection to the internet from it, so internal users cannot access anything
on the internet.
My questions is: is it possible to set up Project Server so that it has two
web front end servers on separate networks? One would be in the internal
network (for internal users) and the other would be in the DMZ (for remote
users coming in via the internet). An added complication is that the
internal network’s domain controllers are not (and must not be) available to
the DMZ. There is a separate AD domain that can be used for authentication
in the DMZ, but there is no trust between this and the internal AD.
My current thinking is that the way to handle this would be to have
database, application, and one WFE server in the internal network and another
WFE server in the DMZ. I think the restriction with the AD controllers would
mean that we would have to use forms authentication.
Has anyone out there set up Project Server like this? Is it even possible?
Is there a better way?
Thanks,
Richard