Windows IT Pro is the authoritative and independent resource for windows nt, windows 2000, windows 2003, windows xp. Features a collection of resources and magazines for windows IT professionals.
  
  
  Advanced Search 


October 20, 2003

Understanding Front-End Servers

Balance OWA performance, security, and ease of use
A Web Exclusive from Windows IT Pro
Kieran McCorry
Feature
InstantDoc #40371
Windows IT Pro
Email this Article
Printer Friendly
Reader Comments
Digg This
Del.icio.us
RSS
View this exclusive article with VIP access -- click here to join |
See More Active Directory (AD) Articles Here | Reprints | Or sign up for our VIP Monthly Pass!

Authentication
A traditional front-end server/back-end server deployment handles user authentication in one of two ways:

  • Pass-through authentication—The front-end server simply forwards the request to the back-end server, which performs the authentication.
  • Dual authentication—The front-end server authenticates the initial user request, then forwards the request to the appropriate back-end server, which authenticates the request again.

Because the front-end server needs to determine the user's identity to forward the request to the appropriate back-end server, pass-through authentication requires an explicit logon. I don't recommend pass-through authentication for OWA access. Pass-through authentication lets anonymous HTTP requests go directly to the back-end server, thus exposing your server to rogue HTTP requests and potential Denial of Service (DoS) attacks. Pass-through authentication is also less desirable than dual authentication because most OWA users prefer to type the simplest possible URL. Figure 3 shows an explicit logon with pass-through authentication. . . .

Reader Comments
This is a very nice article. I am in the middle of building front and backend servers and this article explains on a simple way how it works and what to do.
thanks....

Wil Crijnen October 23, 2003

How do I setup a Pseudo Front-End Server (Windows 2000 server, Exchange 2000)?

Keith Runion November 17, 2003

A very useful explanation to understand the different authentication types into your exchange organization via a webbrowser.

Jörgen hjärtenflo May 12, 2004

Well Kierien, your articles are as good as your classes. Great article and I fully enjoyed last years connections conference.

themarlboroman June 19, 2004

For front end servers what version can you use. Standard or enterprise??

changari August 29, 2004 (Article Rating: )

Great article on Front end servers on exch 2003!

I have a question, can a front end server in one forest/exch org forward email to a backend server in another forest/exch org.
Our DNS knows about each other, and other things are in place to allow inter-working of the forests. Two-way trusts are setup also.

billybubba8it October 20, 2004

Excellent article

Anonymous User January 30, 2005 (Article Rating: )

NOW I understand!

Anonymous User February 25, 2005 (Article Rating: )

This article is helpful in getting the concept. I do have the following inquiry though:

1) You mentioned explicit and implicit logon. Is it possible to restrict to just one? Say, I only one implicit logon. So if the users type in explicit logon then it will not work.

2) If I have two geographic locations say, one in NY and the other in LA and I want to use WLB/NLB for OWA logon. Two servers involved in Front-end servers one in LA and the other in NY. I want to have LA users logon through LA and the NY users through NY OWA Front End servers. In this scenario is the NLB/WLB is feasible? What's your take on this?? I have DC, GC in each loacation.


Thanks-
Jaxy-

Jaxy999 December 03, 2005 (Article Rating: )

Where is the article? :(

charlestejana April 07, 2008 (Article Rating: )

 See More Comments  1   2 

You must log on before posting a comment.

If you don't have a username & password, please register now.




Top Viewed ArticlesView all articles
Command Prompt Tricks

One reader shares his tip for setting up the command prompt to reflect a remote path. ...

How can I stop and start services from the command line?

...

PsExec

This freeware utility lets you execute processes on a remote system and redirect output to the local system. ...
Active Directory (AD) Whitepapers Sustainable Compliance: How to reconnect compliance, security and business goals

Managing Unix/Linux with Microsoft System Center Operations Manager 2007 Cross Platform Extensions Beta

Addressing the Insider Threat with NetIQ Security and Administration Solutions
Related Events Storage Consolidation for Your Microsoft Applications: Reducing Cost and Complexity

How IE7 & The New Extended Validation SSL Certificates Impact Your Site

Check out our list of Free Email Newsletters!
Security eBooks Spam Fighting and Email Security for the 21st Century

Keeping Your Business Safe from Attack: Monitoring and Managing Your Network Security

Windows 2003: Active Directory Administration Essentials
Related Active Directory (AD) Resources Become a VIP member of the Windows IT Pro community!
Get it all with the VIP CD and VIP access. A $500+ value for only $279!

Subscribe to Windows IT Pro!
Solve your toughest technical problems with our experts and access 10,000 + articles online. 30% off

Monthly Online Pass - Only $5.95!
Get instant access to 10,000+ articles from Windows IT Pro Magazine!

TechNet Virtual Labs
Evaluate and test Microsoft's newest products.



ADS BY GOOGLE

Job Openings in IT SPONSORED LINKS FEATURED LINKS
Register for Orion NPM v9 - Evaluation
Affordable, easy-to-use network performance management with SolarWinds Orion – Free Trial!

Want a Hardware-Independent Image?
Binary Research, the Ghost people, shows you how to clone with 1!

Maximize speed, performance and reliablity of your PCs and servers—automatically!
Speed Up Your PC! Try Diskeeper 2008 with InvisiTasking Free Now!

Order Your Fundamentals CD Today!
Register today for your in-depth copy of one of three Fundamental CDs on the following topics – Exchange, SQL, and SharePoint.
Windows IT Pro Home Register FAQ for Windows WinInfo News
Europe Edition About Us Contact Us/Customer Service Media Kit Affiliates / Licensing  
SQL Server Magazine Office & SharePoint Pro Windows Dev Pro IT Job Hound ITTV
IT Library Technology Resource Directory Connected Home Windows Excavator Windows SuperSite 
 
 Windows IT Pro is a Division of Penton Media Inc.
 Copyright © 2008 Penton Media, Inc., All rights reserved. Terms and Use | Privacy Statement | Reprints and Licensing