Re: Blocking ads
- From: "Scheele, Brian" <bscheele@xxxxxxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 8 Aug 2002 10:08:26 -0400
I had the same problem. My solution works good enough as long as you do not
have specific users who should be allowed to specific sites, for example,
allowing the shipping department access to only www.ups.com. This can work
depending on what OS your clients use. It is no good for Windows 95
clients.
To get around the issue of users having to supply credentials for the denied
ad sites, I had to do the following:
First, don't assign Internet Access rights based on person.
2nd, in Active Directory, divide your users into two groups: "Allowed
Internet Access" and "Not Allowed Internet Access"
3rd, create a group policy for the "Allowed" group that forces the proxy
address to be the address of the ISA server.
4th, create a group policy for the "Not Allowed" group that forces the proxy
address to 127.0.0.1 or some other address.
5th, for both groups, you may want to make it so that your users cannot
change these settings
This way, you are assigning which users can access the Internet through AD
and not ISA.
Thanks,
Brian K. Scheele
Systems Administrator
Clark Filter
3649 Hempland Road
Lancaster, PA 17601-1393
Ph. 717-285-5941 x176
Fx. 717-285-3039
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Wednesday, August 07, 2002 8:24 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Blocking ads
http://www.ISAserver.org
It sounds like you're using a user or group association with that rule.
What happens if it applies to all requests?
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/authors/harrison
http://jalojash.org/isatools
Read the books!
----- Original Message -----
From: "KJ Demott" <prjit@xxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Wednesday, August 07, 2002 3:12 PM
Subject: [isalist] Blocking ads
http://www.ISAserver.org
I have created a site and content rule and destination set to block a couple
of the larger ad sites (for all requests). It seems to be working all right,
except a window pops up asking for user ID and password for every ad that is
blocked. This can get annoying after a while. Is there any way to block
these ads that is transparent to clients?
TIA
K Demott
_________________________________________________________________
Join the world's largest e-mail service with MSN Hotmail.
http://www.hotmail.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
bscheele@xxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
