RE: Authentication

From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Date: Tue, 23 Nov 2004 07:33:12 -0800
See if this helps:
1. Copy everything between <snip> and </snip> (don't include the
"snips").
2. save it on the ISA itself as "returndenied.js"
3. run it on the ISA itself as 'cscript returndenied.js'.
4. you should see a message like this:

C:\>ReturnDenied.js
Microsoft (R) Windows Script Host Version 5.6
Copyright (C) Microsoft Corporation 1996-2001. All rights reserved.

Examining External
 -- External disallows web proxy clients...

Examining Internal
 -- Internal allows web proxy clients...
 -- Internal Web Proxy Clients were re-prompted.
 -- Internal Web Proxy Clients will not be reprompted.

Examining Local Host
 -- Local Host disallows web proxy clients...

Examining Quarantined VPN Clients
 -- Quarantined VPN Clients disallows web proxy clients...

Examining VPN Clients
 -- VPN Clients disallows web proxy clients...


..If you re-run it, it will reverse the state of the "prompt denied
users" setting (actually called "ReturnAuthRequiredIfAuthUserDenied" in
the SDK).

<snip>
var ISA = new ActiveXObject( "FPC.Root" );
var ThisArray = ISA.GetContainingArray();
var Networks = new Enumerator( ThisArray.NetworkConfiguration.Networks
);
for( ; !Networks.atEnd(); Networks.moveNext() )
{
        var Network = Networks.item();
        WScript.Echo( "Examining " + Network.Name );
        if( Network.EnableWebProxyClients )
        {
                WScript.Echo( " -- " + Network.Name + " allows web proxy
clients..." );
                var WebProxyListener = Network.WebListenerProperties;
                var szSetMessage = " -- " + Network.Name + " Web Proxy
Clients were ";
                var szChgMessage = " -- " + Network.Name + " Web Proxy
Clients will ";
                var bRtnDenied =
WebProxyListener.ReturnAuthRequiredIfAuthUserDenied;

                szSetMessage += ( bRtnDenied )? "re-prompted.": "not
reprompted.";
                WScript.Echo( szSetMessage );
                WebProxyListener.ReturnAuthRequiredIfAuthUserDenied =
!bRtnDenied;
                WebProxyListener.Save();

                bRtnDenied =
WebProxyListener.ReturnAuthRequiredIfAuthUserDenied;
                szChgMessage += ( bRtnDenied )? "be re-prompted.": "not
be reprompted.";
                WScript.Echo( szChgMessage );
        }
        else
        {
                WScript.Echo( " -- " + Network.Name + " disallows web
proxy clients..." );
        }
        WScript.Echo( "" );
}
</snip>

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!
 
 

-----Original Message-----
From: AHendriks@xxxxxx [mailto:AHendriks@xxxxxx] 
Sent: Tuesday, November 23, 2004 5:59 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Authentication

http://www.ISAserver.org

I'm using ISA 2004 .

Arjan
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
> Sent: dinsdag 23 november 2004 14:40
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Authentication
> 
> http://www.ISAserver.org
> 
> What version of ISA?
> 
> 
>   Jim Harrison
>   MCP(NT4, W2K), A+, Network+, PCG
>   http://isaserver.org/Jim_Harrison/
>   http://isatools.org
>   Read the help / books / articles!
>  
>  
> -----Original Message-----
> From: AHendriks@xxxxxx [mailto:AHendriks@xxxxxx] 
> Sent: Tuesday, November 23, 2004 1:28 AM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] Authentication
> 
> http://www.ISAserver.org
> 
> When a user connects to the ISA server, he needs credentials 
> which need
> to be confirmed by the Domain, so i have configured the Domain Users
> group with access rights for HTTP connections.
> 
> When a user try's to connect, he needs to enter his 
> credentials, when an
> other frame is opend, the user needs to enter the credentials again.
> 
> How can i configure ISA, so that a user needs only to enter his
> credentials ones ?
> 
> Arjan
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> jim@xxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> All mail to and from this domain is GFI-scanned.
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: ahendriks@xxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.
RE: Authentication

Other related posts:
