To run Conquest III on the Internet as well as the Organisation’s Intranet set up the following:
• Use HTTPS. See Conquest III and HTTPS
• External Users, for instance Contractors who do not have access to Conquest III from domain workstations and instead operate from their own, non-domain devices, still must have an Active Directory Account and be registered as Users in Conquest III
• Where there is a corporate rule to keep the organisation’s Domain Name hidden from External Users, their AD Account must be qualified with a User Principal Name (UPN) suffix. To create a UPN suffix; on the Domain Controller, use the Active Directory Domains and Trusts application, or alternatively do it from the command line:
• Right-click the Root (top) item and select Properties to open the UPN Suffixes Form. Enter a suitable name or acronym for the new UPN then click ‘Add’:
• On the Domain Controller, use the ‘Active Directory Users and Computers’ tool to apply the UPN suffix to every External User, AD Account that is to use Conquest III:
• This permits the External Users to authenticate to Windows AD and Conquest III, without needing to know the Organisation’s Domain Name
• Use a Web Proxy or similar tool to define the entry point rule for Externally sourced, Conquest III URLs. For example see Publishing Conquest III on Forefront TMG