RE: Don't like Microsoft's Solution

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Wed, 19 Mar 2003 19:42:53 -0600

Hi Amy,

Use a client address set for these downlevel clients for outbound access
control. 

HTH,
Tom

Thomas W Shinder 
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1 
Configuring ISA Server: http://tinyurl.com/1llp 



-----Original Message-----
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] 
Sent: Wednesday, March 19, 2003 1:53 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Don't like Microsoft's Solution


http://www.ISAserver.org


I have a client computer getting an invalid page fault in negotiate.dll.
A knowledgebase search reveals that the solution is to enable
non-authenticated access in ISA. I don't really care for this idea. Do
you know another way around the problem? Unfortunately we need the 3
components that collude together to create this problem.

From MS Knowledgebase: The problem occurs only if all of the following
conditions are true during an attempt to verify user credentials against
a Microsoft Internet Security and Acceleration (ISA) server: 
The Directory Services Client for Windows is installed on the client
computer.
The Microsoft Firewall Client is installed on the client computer.
The ISA server is set up as a firewall, and it requires client
authentication (enforces user and group access policy through Site and
Content Rules, and through Protocol Rules).

CAUSE
This issue occurs because the client authentication package references
nonexistent memory while checking credentials. 

RESOLUTION
To work around this issue, enable non-authenticated access.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » Don't like Microsoft's Solution
• » RE: Don't like Microsoft's Solution

1. Home
2. isalist
3. Archive
4. 03-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---