RE: Deny Intranet Root but allow Sub-Pages.
- From: Daniel Chaveco <danielchaveco@xxxxxxxxx>
- To: "\[ISAserver.org Discussion List\]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 28 May 2003 11:43:34 -0700 (PDT)
OK Tom. Now that I've got my original question answered, as a follow up
question: we also have a secure root HTTPS://home.mycompany.com. How do I
block access to this using ISA? I cannot create a rule to block this, as it
will not accept http or https in the destination field...
-DC
Thomas W Shinder <tshinder@xxxxxxxxxxxxxxxxxx> wrote:
http://www.ISAserver.org
Hi Daniel,
My wife is a genius. I'm an average guy who just sits at his desk twice a long
:-)
Give those users access to the subdirectories they need access too using a
Destination Set. The Destination Set includes the subdirectories, but not the
root. Sort of like:
/exchange*
/exchweb*
/public*
This vererable Exchange Destination Set does not allow the client access to the
Root of the Web, as you've probably noticed already when trying to get to the
root of the OWA site. Just do the same for your Web.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Daniel Chaveco [mailto:danielchaveco@xxxxxxxxx]
Sent: Wednesday, May 28, 2003 12:15 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Deny Intranet Root but allow Sub-Pages.
http://www.ISAserver.org Tom,
You're a genious. Thank You. But that works but only if the user types in the
full path http://home.mycompany.com/default.asp. Typically, the user selects
the home page from his Favorites section which defaults him to
http://home.mycompany.com. Since there is no default.asp in that link, the deny
does not occurr.
To your other point, I see what you're saying but how do I give access to the
sub-pages, without giving a deny to the root. Everyone has access to the
Intranet site but I need to deny one department from seeing it, while still
getting that same department to the pages underneath.
Thomas W Shinder <tshinder@xxxxxxxxxxxxxxxxxx> wrote:
http://www.ISAserver.org
Hi Daniel,
Just create the deny rule for the index.html or whatever the name of the page
is.
Also, remember one of the top ten mistakes ISA Server admins make is using deny
rules when giving access only to what's required is the best way to go.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Daniel Chaveco [mailto:danielchaveco@xxxxxxxxx]
Sent: Wednesday, May 28, 2003 11:29 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Deny Intranet Root but allow Sub-Pages.
http://www.ISAserver.org I am trying to deny access to the root of my INTRANET
home page (http://home.mycompnay.com), using a deny rule. However I want
certain users to be able to see underneath the root for other things like
holiday schedules lets say, (i.e. http://home.mycompany.com/HR). I have set
this and other pages up with an allow rule. However, when any of my users
tries to get to any page in the site, they are denied. I know the deny rule
applies first, but how can I make this work?
Thank You
-DC
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
danielchaveco@xxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
---------------------------------
Do you Yahoo!?
Free online calendar with sync to Outlook(TM).
Other related posts:
