I'm sorry Tom, but you can't click the OK button on the set unless you specify something (a computer, IP or root address), in the destination field. How do I accomplish this. Thomas W Shinder <tshinder@xxxxxxxxxxxxxxxxxx> wrote:http://www.ISAserver.org Hi Daniel, My wife is a genius. I'm an average guy who just sits at his desk twice a long :-) Give those users access to the subdirectories they need access too using a Destination Set. The Destination Set includes the subdirectories, but not the root. Sort of like: /exchange* /exchweb* /public* This vererable Exchange Destination Set does not allow the client access to the Root of the Web, as you've probably noticed already when trying to get to the root of the OWA site. Just do the same for your Web. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Daniel Chaveco [mailto:danielchaveco@xxxxxxxxx] Sent: Wednesday, May 28, 2003 12:15 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: Deny Intranet Root but allow Sub-Pages. http://www.ISAserver.org Tom, You're a genious. Thank You. But that works but only if the user types in the full path http://home.mycompany.com/default.asp. Typically, the user selects the home page from his Favorites section which defaults him to http://home.mycompany.com. Since there is no default.asp in that link, the deny does not occurr. To your other point, I see what you're saying but how do I give access to the sub-pages, without giving a deny to the root. Everyone has access to the Intranet site but I need to deny one department from seeing it, while still getting that same department to the pages underneath. Thomas W Shinder <tshinder@xxxxxxxxxxxxxxxxxx> wrote: http://www.ISAserver.org Hi Daniel, Just create the deny rule for the index.html or whatever the name of the page is. Also, remember one of the top ten mistakes ISA Server admins make is using deny rules when giving access only to what's required is the best way to go. HTH, Tom Thomas W Shinder www.isaserver.org/shinder ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: Daniel Chaveco [mailto:danielchaveco@xxxxxxxxx] Sent: Wednesday, May 28, 2003 11:29 AM To: [ISAserver.org Discussion List] Subject: [isalist] Deny Intranet Root but allow Sub-Pages. http://www.ISAserver.org I am trying to deny access to the root of my INTRANET home page (http://home.mycompnay.com), using a deny rule. However I want certain users to be able to see underneath the root for other things like holiday schedules lets say, (i.e. http://home.mycompany.com/HR). I have set this and other pages up with an allow rule. However, when any of my users tries to get to any page in the site, they are denied. I know the deny rule applies first, but how can I make this work? Thank You -DC ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: danielchaveco@xxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') --------------------------------- Do you Yahoo!? Free online calendar with sync to Outlook(TM).