I am building an intranet application for a Windows Domain based network. It is a client-server application - the server being an ASP .NET web application and the clients - .NET 2.0 based desktop applications. I intend to use Active Directory and Group policies to install the client application across clients in the network.
Are there any general guidelines that need to be followed for building an application of this sort?
Any security issues to be aware of?
Is it okay to have a web application work as your server in an intranet solution of this sort - given that clients wouldn't communicate with the server using sockets - instead clients would communicate with the server using simple web service calls?
Anything in particular that I need to know before going ahead with this type of app-building?
What you're describing is a pretty standard setup for Microsoft intranets. Security is a big topic...do you know how to configure IIS security, .NET security, domain security, Internet Explorer security, workstation security...you get the picture. Someone needs to be across each of these, if you are not the sys admin (are you a programmer?) then you should speak to the sysadmin and discuss these issues.
I guess one thing to mention is that many places just use NTLM for authentication if they are a Microsoft shop, and NTFS for securing web folders.