It's generally good practice, security-wise, to keep public-facing web servers either out of your AD domain or in their own domain, where possible.
For me, I encountered a problem where I have a non-domain server running a .NET application which needed to write files to a CIFS share which was using domain authentication.
This was a problem initially, as the default application pool runs as a local built-in account and therefore has no permissions on the remote CIFS share. However, I decided that I would be happy enough creating a user which mirrored a domain user by name and password, and hoping that pass-through authentication would work.
It didn't 🙁
So after lots of digging and gnashing of teeth, a colleague of mine found the perfect solution.
In Windows 2008 there is a command called cmdkey, which allows you to use a local account to cache domain user account credentials for a specific target domain / server.
So in my instance, running a DOS prompt as my new user, I did a:
cmdkey /add:cifsserver /user:domainname\username /pass:domainuserpass
And bingo, everything now works a treat!
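An added example (not part of the original post) of running the command above and then checking that the credential is stored and actually used. The server and account names are the post's own placeholders; the share name "share" and the test file name are hypothetical.

```bat
rem Run these in a command prompt started as the local account the
rem application pool uses: cmdkey stores credentials per user, so an
rem entry added under a different account is not visible to the app.

rem 1. Confirm which account this prompt is running as.
whoami

rem 2. Cache the domain credential for the file server (the post's command).
cmdkey /add:cifsserver /user:domainname\username /pass:domainuserpass

rem 3. Confirm an entry now exists for that target.
cmdkey /list:cifsserver

rem 4. Check the cached credential is used: write a test file to the
rem    share ("share" is a hypothetical name), then clean it up.
echo test > \\cifsserver\share\cmdkey-test.txt
if exist \\cifsserver\share\cmdkey-test.txt (
    del \\cifsserver\share\cmdkey-test.txt
    echo Write to share succeeded
) else (
    echo Write to share failed
)

rem 5. When the domain account is retired or its password changes, remove
rem    the stale entry before adding the new one (left commented out here
rem    so the steps above stay in effect).
rem cmdkey /delete:cifsserver
```

Because the password is typed on the command line, keep the domain account limited to the permissions the application needs on that one share.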