About the Control Compliance Suite Web Portal server

The Control Compliance Suite Web Portal server is hosted by a computer that also hosts the Microsoft Internet Information Server (IIS). The Web Portal allows access to some Control Compliance Suite content without requiring the full Control Compliance Suite Console.

The Control Compliance Suite Web Portal lets you do the following:

Distribute policy notifications to end users across the enterprise and track when users read and acknowledge the policies.
Request exceptions to policies.
Request exceptions from control points.

By default, the Web Portal uses integrated Windows security. If the user domain and the Web Portal domain have a trust relationship, the Web Portal uses the existing user credentials. The user does not need to enter a name and password to access the Web Portal. If no trust relationship exists, the user is prompted for a name and a password.

If the Web Portal, the Application Server, and the Directory Server are hosted by the same computer, the Control Compliance Suite uses Windows NTLM authentication. If the Web Portal, the Application Server, and the Directory Server are hosted on multiple computers, you must enable Kerberos authentication on all components. Kerberos authentication lets credentials be passed from the Web Portal client to the Web Portal server, then on to the Application Server. The Application Server can then pass the credentials to the Directory Server.

For information about Kerberos authentication, see the Microsoft Knowledge Base.

http://support.microsoft.com/kb/326985.