For a pet project, I'm setting up a Windows 2003 web server. I want to be able to use SharePoint as a website that I can access over the internet. I did some research an discovered I should use ISA to secure SharePoint. If I don't however, my question is if I setup SharePoint on the server and set access permissions etc with AD users and groups, when I try to access SharePoint over the internet will it ask me to login with a valid AD user account?. Basically I want to know if SharePoint uses active directory as a back end database for user permissions when I access SharePoint over the internet.