http://www.ISAserver.org ------------------------------------------------------- Thanks, that gives me a pretty clear direction to look in. Funny, I've read and read on this and we had an ISA Health Check about a month ago and this never popped up. Basic is still in use because of some legacy apps that we can't touch. I'm going to start testing without the WPAD today. _______________________________________________ Eric Poole, CISSP Senior Information Security Analyst Community Regional Medical Center 1140 "T" Street, Fresno, California 93721 phone x56784 (559-459-6784) fax x56025 (559-459-6025) -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison Sent: Friday, January 11, 2008 5:21 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: ISA 2006 NLB Causing Multiple Prompts Per Session http://www.ISAserver.org ------------------------------------------------------- You can't (effectively) combine WPAD with NLB internally. ..unless you have a complete dislike for any cranial covering you may still possess. Why are you using Basic auth? This is a per-proxy, per-domain re-auth requirement. The ISA WPAD script will redirect the URLs to separate ISA servers, depending on where the CARP script decides it should go. Since each request to a different server necessitates a new authentication, your users will get auth-prompted to death. -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Eric Poole, CISSP Sent: Friday, January 11, 2008 5:11 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: ISA 2006 NLB Causing Multiple Prompts Per Session http://www.ISAserver.org ------------------------------------------------------- Correct. Basic and Integrated and also supporting WPAD. _______________________________________________ Eric Poole, CISSP Senior Information Security Analyst Community Regional Medical Center 1140 "T" Street, Fresno, California 93721 phone x56784 (559-459-6784) fax x56025 (559-459-6025) -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison Sent: Friday, January 11, 2008 4:40 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: ISA 2006 NLB Causing Multiple Prompts Per Session http://www.ISAserver.org ------------------------------------------------------- Sounds like you're using a combination of Basic auth (or perhaps RADIUS) and supporting WPAD? -----Original Message----- From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Eric Poole, CISSP Sent: Friday, January 11, 2008 3:26 PM To: isalist@xxxxxxxxxxxxx Subject: [isalist] ISA 2006 NLB Causing Multiple Prompts Per Session http://www.ISAserver.org ------------------------------------------------------- Have a question for all. We have an ISA 2006 array using ISA load balancing. We are in the process of migrating all users from our old ISA 2004 server. A majority of our PC's do not have Internet rights. Individual users are prompted (once to the ISA 2004 server) to login when they go out. In our test group, when a user attempts to access the Internet, they are prompted to first login to the ISA 2006 primary configuration server and then with any link they click on, are subsequently prompted by each array member until they've authenticated to each one. Once they've authenticated to each one they are fine for that session. Once they close their browser and re-launch, the whole thing starts over. Is there a way to have users only login once per array, instead of logging in to each server? Let me know if I'm not making sense or if anyone needs more info. _______________________________________________ Eric Poole, CISSP Senior Information Security Analyst Community Regional Medical Center 1140 "T" Street, Fresno, California 93721 phone x56784 (559-459-6784) fax x56025 (559-459-6025) ------------------------------------------------------- WARNING/CONFIDENTIAL: ------------------------------------------------------- This email, including attachments, may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law (including, but not limited to, protected health information). It is not intended for transmission to, or receipt by, any unauthorized persons. If the reader of this message is not the intended recipient you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you believe this email was sent to you in error, do not read it. Reply to the sender informing them of the error and then destroy all copies and attachments of the message from your system. Thank you. ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------- WARNING/CONFIDENTIAL: ------------------------------------------------------- This email, including attachments, may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law (including, but not limited to, protected health information). It is not intended for transmission to, or receipt by, any unauthorized persons. If the reader of this message is not the intended recipient you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you believe this email was sent to you in error, do not read it. Reply to the sender informing them of the error and then destroy all copies and attachments of the message from your system. Thank you. ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------- WARNING/CONFIDENTIAL: ------------------------------------------------------- This email, including attachments, may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law (including, but not limited to, protected health information). It is not intended for transmission to, or receipt by, any unauthorized persons. If the reader of this message is not the intended recipient you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you believe this email was sent to you in error, do not read it. Reply to the sender informing them of the error and then destroy all copies and attachments of the message from your system. Thank you. ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx