Hi Everyone! Please be gentle - I'm a newbie to SharePoint and may have looked over an obvious answer to this without realizing it. I have what I consider to be an odd question due to the operating environment I'm setting up our new Sharepoint 2010 Foundation system in. Before I ask, let me give a little background of our network infrastructure and obstacles I'm trying to work around.
Background
We are setting up a new SharePoint 2010 Foundation server in our remote facility. My division which is headquartered in this facility has several proprietary applications and systems in our location with capable IT staff, but corporate IT refuses to allow
us to have a backup domain controller in our facility citing security and control concerns. Despite arguments posed by us concerned with latency issues across the WAN, and the risk of not accessing local network resources should the WAN circuit
become unavailable, we cannot convince them to change their position. This brings me to my conundrum.
Whenever any of our web applications try to obtain Active Directory information for a given user such as their display name which is shown in the upper-right corner of a standard SharePoint 2010 site, there is a 3-4 (or longer) second delay until that information is retreived. Granted, in SharePoint, it appears this information is cached for a period of time before it is re-retreived for the user, but this leads to a perceived performance issue. This is a little more than annoying when only a handful of people are trying to access a site, but kind of embarrasing when everyone's seeing it.
Question
Considering that our facility will not have a backup domain controller, is there a feasible work-around strategy I should use that would help improve our SharePoint performance. We intend the site to be authored and maintained by some who are authorized
to make updates, but for the most part, people accessing the site could access is anonymously. Is is possible to have such a mixed mode anonymous / form authentication that can authenticate against NTLM / Active Directory for SP2010? The idea here
is to allow people to view content, but not manage it without logging in using AD credentials.
Thanks in advance for any suggestions.
-Chris
-Chris