I am working at a client site who wants to use his Windows Domain Controllers on his Inside interface on the ASA to authenticate domain users who log into a Web Server on the DMZ interface. This Web Server in the DMZ is configured to use Active Directory as its authentication method. What is the best way to accomplish this? What ports need to be open? The client needs the authentication traffic between the Web Server in the DMZ and the Active Directory Domain Controllers on the Inside to be encrypted.
Thanks in advance.