It's not a choice; I do it on a regular basis. It has more to do with how your other rules are configured. Remember that rules are activated in this order: - anonymous ..rule order - deny ..rule order - allow ..rule order Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/pages/author_index.asp?aut=3 http://isatools.org Read the help / books / articles! ----- Original Message ----- From: "Greg" <GregBrady@xxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Sunday, October 13, 2002 11:34 AM Subject: [isalist] RE: Block Ads script http://www.ISAserver.org It is checked off. I find that when I uncheck it, we no longer have the problem. But then we just get anonymous in the logs. So I guess it is a choice between denying sites and logging by user. Has anyone else experienced this? ----- Original Message ----- From: "Jim Harrison" <jim@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Sunday, October 13, 2002 2:43 AM Subject: [isalist] RE: Block Ads script > http://www.ISAserver.org > > > Make sure that if you're using user or group-based rules that you select > "Ask unauthenticated users for identification" in the Outgoing web requests > listener. > That's the most common problem with a mix of "deny" and "allow" rules. > > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://isaserver.org/pages/author_index.asp?aut=3 > http://isatools.org > Read the help / books / articles! > > ----- Original Message ----- > From: "Greg" <GregBrady@xxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Sent: Saturday, October 12, 2002 6:27 PM > Subject: [isalist] RE: Block Ads script > > > http://www.ISAserver.org > > > Steve > > The file I downloaded from isatools.org already came with an xml file > listing ad sites. However, after I ran the script noone could get on the > Internet. A logon screen came up asking for username, password, and domain. > However, the screen would not accept anyone's credentials, and would just > keep popping up. > > When I removed the "Ads" site and content rule, everything was back to > normal. > As I stated earlier, the ISA is configured: > -We have firewall clients. > -Ask unauthenticated users for identification is checked off for Outgoing > Web Requests. > -The HTTP Redirector is rejecting HTTP requests from Firewall and SecureNat > clients. > -We have some protocol rules configured for specific users, most configured > for any request. > -The only other site and content rule is the default allow rule. > > Is it possible that the script was written for a different configuration, > and conflicts with my server? Any suggestions? > On Monday I will attempt to manually create a site and content rule. > > Greg > > > ----- Original Message ----- > From: "Steve Moffat" <steve@xxxxxxxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Sent: Saturday, October 12, 2002 8:44 PM > Subject: [isalist] RE: Block Ads script > > > http://www.ISAserver.org > > > No, the isa-ads script is ok, and Isa can block sites, you can get a > zipfile of pre-configured xml's at www.isastuff.mine.nu > > Steve > > -----Original Message----- > From: Greg [mailto:GregBrady@xxxxxxxxxx] > Sent: Saturday, October 12, 2002 9:38 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: Block Ads script > > > http://www.ISAserver.org > > > Thanks Khan. > > I would prefer to use ISA, so that we can block other site types as > well. > > Was the script bad? It was a script - ISA_Ads.vbs - from ISATools.org. > Or is it just that ISA Server can not block sites? I do not know why > this should not work. > > > Gregory > > > ----- Original Message ----- > From: "Faizal Khan" <mis@xxxxxxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Sent: Saturday, October 12, 2002 9:53 AM > Subject: [isalist] RE: Block Ads script > > > > http://www.ISAserver.org > > > > > > Gregory, > > > > I had done the same thing with my system and found the same problem. > > This is not the solution. Someone mention to me to run a third part > > program such ADware to remove popup. Or update all machines to IE 6 > > and configure cookies to block 3rd party referrals. > > > > With Kind Regards, > > Khan > > > > ____________________________ > > > > Faizal Khan > > MIS Manager > > Guyana Forestry Commission > > 1 Water Street, Kingston, > > Georgetown, GUYANA. > > Tel : + (592) 226-7272 > > Fax : + (592) 226-8956 > > Email: forestry.mis@xxxxxxxxxxxxxxxxx > > Website: http://www.sdnp.org.gy/forestry > > -----Original Message----- > > From: Greg [mailto:GregBrady@xxxxxxxxxx] > > Sent: Friday, October 11, 2002 4:57 PM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] Block Ads script > > > > http://www.ISAserver.org > > > > > > I just ran the block ads script on my new ISA server. Although it > > created a site & Content rule, now whenever anyone attempts to connect > > > to the Internet, a logon box pops up. Entering user credentials does > > not help > > - it > > keeps popping up, and noone can get access to the Internet. > > > > We have firewall clients. > > Ask unauthenticated users for identification is checked off for > > Outgoing Web Requests. > > The HTTP Redirector is rejecting HTTP requests from Firewall and > > SecureNat > > clients. > > > > I changed the site & content rules (Block Ads, and the Default) to > > apply to Everyone in the domain, rather than the default Any Request. > > > But that did > > not help. > > > > When I deleted the rule created by the script and restarted the > > services, everything worked again. But I would like to block ads and > > popups, so I would like to fix this. Did I configure something wrong? > > > > Gregory > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Exchange Server Resource Site: http://www.msexchange.org/ Windows > > Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT > > > Fax Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > > > mis@xxxxxxxxxxxxxx To unsubscribe send a blank email to > > $subst('Email.Unsub') > > --- > > [This E-mail was scanned by the Inter.Net.Works Virus Daemon] > > > > > > --- > > [This E-mail was scanned by the Inter.Net.Works Virus Daemon] > > > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Exchange Server Resource Site: http://www.msexchange.org/ Windows > > Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT > > > Fax Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > gregbrady@xxxxxxxxxx > > To unsubscribe send a blank email to > > $subst('Email.Unsub') > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Exchange Server Resource Site: http://www.msexchange.org/ Windows > Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT > Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > steve@xxxxxxxxxxxxxxx To unsubscribe send a blank email to > $subst('Email.Unsub') > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Exchange Server Resource Site: http://www.msexchange.org/ > Windows Security Resource Site: http://www.windowsecurity.com/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > gregbrady@xxxxxxxxxx > To unsubscribe send a blank email to $subst('Email.Unsub') > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Exchange Server Resource Site: http://www.msexchange.org/ > Windows Security Resource Site: http://www.windowsecurity.com/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx > To unsubscribe send a blank email to $subst('Email.Unsub') > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Exchange Server Resource Site: http://www.msexchange.org/ > Windows Security Resource Site: http://www.windowsecurity.com/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: gregbrady@xxxxxxxxxx > To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')