IIS Authentication Options
on 02.01.2007 17:48:12 by newbie
Hi,
I am working on a large-scale deployment/design plan for IIS 6.0 Web
Servers (around 1000 servers). These will be in multiple DMZs but we
would like to manage them via a dedicated Management network and users
from the inside should be able to authenticate to the IIS 6.0 servers
in the DMZ without having to remember 100s of different passwords.
I believe my options are:
1. Have a DMZ Domain and then create a one-way trust from the inside
domain to the outside domain so that our support staff can support the
solution without having to create 100s of local accounts and have a
huge overhead of password management.
2. Palm off the authentication for management over RDP to a central
RADIUS server - Can this be done easily? If so, how - I can't find the
documentation on it. This is fairly clean in terms of authentication but
then all servers would be in a workgroup scenario, thus GPOs would be
difficult to apply centrally.
3. Local accounts on each server with the servers in a workgroup (less
risk of security breaches as it's totally segregated from inside domain)
- nightmare to manage passwords and support would also be difficult
long term as GPOs etc. could not be applied.
4. Configure a Terminal Server jump-off point to access all web servers
in the DMZ and have a DMZ domain segregated from the internal domain.
Theory would be that network access would be possible from inside to
the DMZ Terminal Services box and then from there access would be possible
to the DMZ Domain Controller and Web Servers.
Any thoughts / pointers / doc refs or advice would be appreciated.