I am trying to set up access policies that specify users instead of allowing all IP traffic and any site request. (I want to be able to analyze ISA logs by user, so I selected to ask unauthenticated users for identification, and set up policies for them.) However, it seems that no matter what I do, only administrators can access the Internet. After spending a lot of time making policies that were a bit complicated, I disabled all of them, and made a Site & Content Rule that allowed all destinations and content from every user and then a protocol rule that allows all http requests from every user. After restarting the service to make these changes, still only administrators have access to the Internet. I have tried everything even giving specific users access to specific destinations and denying all users except for specific ones-- and nothing. I simply cannot get non-administrators access to the Internet by checking the "ask unauthenticated users for identification" option. Any suggestions you can give would be greatly appreciated.