I have to have a reverse proxy between the internet and my internal domain Exchange 2010 OWA. I am hoping to use IIS ARR on Windows 2008R2. My plan is to place the ARR machine on the DMZ and have it talk to the back end OWA box. I am assuming to have the ARR box on a standalone 2008R2 box and not joined to the back end domain. There is one other wrinkle and that is I must use CAC/Smart cards for user authentication.
Questions:
Does ARR support CAC authenitcation?
What is the best method for allowing the ARR to reach back into the AD controller to authenticate the users? I am thinking LDAPS or is there a better way to go about this?
Thanks