http://www.ISAserver.org ------------------------------------------------------- The "yet" is what I was waiting for ;) t On 4/25/06 7:38 PM, "Jim Harrison" <Jim@xxxxxxxxxxxx> spoketh to all: > http://www.ISAserver.org > ------------------------------------------------------- > > Right - it's not that granular (yet?). > > ------------------------------------------------------- > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://isaserver.org/Jim_Harrison/ > http://isatools.org > Read the help / books / articles! > ------------------------------------------------------- > > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On > Behalf Of Thor (Hammer of God) > Sent: Tuesday, April 25, 2006 18:45 > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: Enterprise scripting question > > http://www.ISAserver.org > ------------------------------------------------------- > > Right... I was just asking if delegation would be carved out to process rights > rather than a preset "role." I'm a bit ignorant of the capabilities here > because only 2 people in our entire organization can even touch the ISA boxes, > and I'm one of them, so I've not delved into delegation before.. But, are you > saying that to add/edit destination sets one has to be an ISA Enterprise or > ISA Array admin? There is no way to delegate "Edit Destination Set" to a > regular user (like one can in AD), right? > > t > > > On 4/25/06 6:18 PM, "Jim Harrison" <Jim@xxxxxxxxxxxx> spoketh to all: > >> http://www.ISAserver.org >> ------------------------------------------------------- >> >> To clarify - this is the "ISA Enterprise" or "ISA Array" admin. >> The limit to delegation is "auditor" - someone who can read, but not write. >> >> ------------------------------------------------------- >> Jim Harrison >> MCP(NT4, W2K), A+, Network+, PCG >> http://isaserver.org/Jim_Harrison/ >> http://isatools.org >> Read the help / books / articles! >> ------------------------------------------------------- >> >> >> -----Original Message----- >> From: isalist-bounce@xxxxxxxxxxxxx >> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thor (Hammer of >> God) >> Sent: Tuesday, April 25, 2006 16:47 >> To: isalist@xxxxxxxxxxxxx >> Subject: [isalist] Re: Enterprise scripting question >> >> http://www.ISAserver.org >> ------------------------------------------------------- >> >> Ewe. Didn't know you had to run the Full Monty just to add destination >> sites. >> Will we be seeing delegation of process in future releases? Or are >> scripts/automation processes destined to be run with stored creds somewhere? >> >> t >> >> >> On 4/25/06 4:28 PM, "Jim Harrison" <Jim@xxxxxxxxxxxx> spoketh to all: >> >>> http://www.ISAserver.org >>> ------------------------------------------------------- >>> >>> Whatever account you use, it should be either an Enterprise or Array >>> admin, depending on what context you're operating in. I wouldn't >>> want to run the web app in a user context unless you unequivocally >>> trust your own coding skills. >>> If you answered "yes, I do..", then remind me to never hire you... >>> :-p >>> >>> ------------------------------------------------------- >>> Jim Harrison >>> MCP(NT4, W2K), A+, Network+, PCG >>> http://isaserver.org/Jim_Harrison/ >>> http://isatools.org >>> Read the help / books / articles! >>> ------------------------------------------------------- >>> >>> >>> -----Original Message----- >>> From: isalist-bounce@xxxxxxxxxxxxx >>> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thor (Hammer of >>> God) >>> Sent: Tuesday, April 25, 2006 15:11 >>> To: isalist@xxxxxxxxxxxxx >>> Subject: [isalist] Re: Enterprise scripting question >>> >>> http://www.ISAserver.org >>> ------------------------------------------------------- >>> >>> You could also run the web app underneath the creds of a user that >>> has permissions to do that, though I couldn't find anywhere exactly >>> what rights had to be given to the account. You obviously wouldn't >>> want to do that under an account that had escalated privileges (only >>> was specifically granted the rights for that process.) >>> >>> t >>> >>> >>> On 4/25/06 2:20 PM, "Jim Harrison" <Jim@xxxxxxxxxxxx> spoketh to all: >>> >>>> http://www.ISAserver.org >>>> ------------------------------------------------------- >>>> >>>> You have to pass the credentials in the >>>> connectotoconfigurationstorageserver >>>> method when you run in an ASP page because the ASP process operates >>>> under the network services account, which has no rights in CSS. >>>> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/isa >>>> s d k/isa/fp c_connecttoconfigurationstorageserver.asp >>>> Spells it out in gory detail. >>>> >>>> ..of course, this means you have to stash those credentials >>>> somewhere ASP can find them, BUT NOT IN PLAIN TEXT anywhere. >>>> >>>> ------------------------------------------------------- >>>> Jim Harrison >>>> MCP(NT4, W2K), A+, Network+, PCG >>>> http://isaserver.org/Jim_Harrison/ >>>> http://isatools.org >>>> Read the help / books / articles! >>>> ------------------------------------------------------- >>>> >>>> >>>> -----Original Message----- >>>> From: isalist-bounce@xxxxxxxxxxxxx >>>> [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Periyasamy, Raj >>>> Sent: Tuesday, April 25, 2006 14:11 >>>> To: isalist@xxxxxxxxxxxxx >>>> Subject: [isalist] Enterprise scripting question >>>> >>>> http://www.ISAserver.org >>>> ------------------------------------------------------- >>>> >>>> Hi all, >>>> I am trying to create a web based interface, just for adding domains >>>> to a Domain Name Set. The script itself runs fine if I run it from >>>> the command prompt. However, when I try to embed the code in an ASP >>>> page, the script fails while trying to do >>>> ConnectToConfigurationStorageServer. >>>> >>>> The following is the extract of the code from the ASP page: >>>> >>>> Set root = CreateObject("FPC.Root") >>>> root.ConnectToConfigurationStorageServer cssComputer >>>> Set oIsaArray = root.Arrays.Item("INFINEUM") >>>> Set oDomainNameSet = >>>> oIsaArray.RuleElements.DomainNameSets.Item(sDomainNameSetName) >>>> oDomainNameSet.Add(sDomainToAdd) >>>> If Err.Number = -2147024713 Then >>>> response.write "Error: Domain " + sDomainToAdd + " is >>>> already unblocked." >>>> Else >>>> oDomainNameSet.Save >>>> response.write "Success: Domain " + sDomainToAdd + " is now unblocked." >>>> End If >>>> root.disConnectFromConfigurationStorageServer >>>> >>>> >>>> The following is the error message I get when accessing the URL, >>>> >>>> Error Type: >>>> FPC.Root.1 (0x80070002) >>>> The system cannot find the file specified. >>>> /prx_urlexcept.asp, line 38 >>>> >>>> >>>> >>>> Line 38 happens to be "oFPC.ConnectToConfigurationStorageServer >>>> cssComputer" >>>> >>>> Would appreciate any inputs. >>>> >>>> Thanks. >>>> >>>> >>>> Regards, >>>> Raj Periyasamy >>>> MCSE(Messaging), CCNA >>>> >>>> ------------------------------------------------------ >>>> List Archives: //www.freelists.org/archives/isalist/ >>>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >>>> ISA Server Articles and Tutorials: >>>> http://www.isaserver.org/articles_tutorials/ >>>> ISA Server Blogs: http://blogs.isaserver.org/ >>>> ------------------------------------------------------ >>>> Visit TechGenix.com for more information about our other sites: >>>> http://www.techgenix.com >>>> ------------------------------------------------------ >>>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >>>> Report abuse to listadmin@xxxxxxxxxxxxx >>>> >>>> >>>> All mail to and from this domain is GFI-scanned. >>>> >>>> ------------------------------------------------------ >>>> List Archives: //www.freelists.org/archives/isalist/ >>>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >>>> ISA Server Articles and Tutorials: >>>> http://www.isaserver.org/articles_tutorials/ >>>> ISA Server Blogs: http://blogs.isaserver.org/ >>>> ------------------------------------------------------ >>>> Visit TechGenix.com for more information about our other sites: >>>> http://www.techgenix.com >>>> ------------------------------------------------------ >>>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >>>> Report abuse to listadmin@xxxxxxxxxxxxx >>>> >>>> >>>> >>> >>> >>> ------------------------------------------------------ >>> List Archives: //www.freelists.org/archives/isalist/ >>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >>> ISA Server Articles and Tutorials: >>> http://www.isaserver.org/articles_tutorials/ >>> ISA Server Blogs: http://blogs.isaserver.org/ >>> ------------------------------------------------------ >>> Visit TechGenix.com for more information about our other sites: >>> http://www.techgenix.com >>> ------------------------------------------------------ >>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >>> Report abuse to listadmin@xxxxxxxxxxxxx >>> >>> >>> All mail to and from this domain is GFI-scanned. >>> >>> ------------------------------------------------------ >>> List Archives: //www.freelists.org/archives/isalist/ >>> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >>> ISA Server Articles and Tutorials: >>> http://www.isaserver.org/articles_tutorials/ >>> ISA Server Blogs: http://blogs.isaserver.org/ >>> ------------------------------------------------------ >>> Visit TechGenix.com for more information about our other sites: >>> http://www.techgenix.com >>> ------------------------------------------------------ >>> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >>> Report abuse to listadmin@xxxxxxxxxxxxx >>> >>> >>> >> >> >> ------------------------------------------------------ >> List Archives: //www.freelists.org/archives/isalist/ >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server Articles and Tutorials: >> http://www.isaserver.org/articles_tutorials/ >> ISA Server Blogs: http://blogs.isaserver.org/ >> ------------------------------------------------------ >> Visit TechGenix.com for more information about our other sites: >> http://www.techgenix.com >> ------------------------------------------------------ >> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >> Report abuse to listadmin@xxxxxxxxxxxxx >> >> >> All mail to and from this domain is GFI-scanned. >> >> ------------------------------------------------------ >> List Archives: //www.freelists.org/archives/isalist/ >> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp >> ISA Server Articles and Tutorials: >> http://www.isaserver.org/articles_tutorials/ >> ISA Server Blogs: http://blogs.isaserver.org/ >> ------------------------------------------------------ >> Visit TechGenix.com for more information about our other sites: >> http://www.techgenix.com >> ------------------------------------------------------ >> To unsubscribe visit http://www.isaserver.org/pages/isalist.asp >> Report abuse to listadmin@xxxxxxxxxxxxx >> >> >> > > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > All mail to and from this domain is GFI-scanned. > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx