I would like to hear if anyone has published the ADSelfService portal directly on the internet. We have some users outside our organisation, that has accounts in our AD to access some services. They have to send e-mails to helpdesk to get their password reset today.
But I am unsure about the security around this, since I think I would have to place it in a DMZ but open up a lot of ports so it can access Active Dirctory.
Any thoughts and experiences?