Re: ISA and NT Grups
- From: "Jim Harrison" <jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Sun, 16 Sep 2001 13:40:51 -0700
That way everyone can see when I hose it up totally...
;-)
Jim Harrison
MCP(2K), A+, Network+, PCG
----- Original Message -----
From: "Thomas W. Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Sunday, September 16, 2001 1:29 PM
Subject: [isalist] Re: ISA and NT Grups
http://www.ISAserver.org
Hi Jim,
Why are you trying to keep it in the list?
Thanks!
Tom
Thomas W Shinder, M.D., MCSE, MCT
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Sunday, September 16, 2001 2:23 PM
To: [ISAserver.org Discussion List]
Cc: isa@xxxxxxxxxxxxxx
Subject: [isalist] Re: ISA and NT Grups
http://www.ISAserver.org
(Still trying to keep it in the list)
No, you can't depend on the NT security "ticket" the user carries with
him.
If you want user authentication, then you must use the FW client or web
client settings.
Jim Harrison
MCP(2K), A+, Network+, PCG
----- Original Message -----
From: "Babak" <isa@xxxxxxxxxxxxxx>
To: "'Jim Harrison'" <jim@xxxxxxxxxxxx>
Sent: Sunday, September 16, 2001 3:48 AM
Subject: RE: ISA and NT Grups
Dear Sir,
thanks so much for your help.
I just wanted to make clear that what I want to do is not possible as
you
say. just confirm it or tell me if I am wrong!
Because I am using NAT client I can not set protocol rule based on a
person
or group. and if I want to use web proxy so I know who my user is I have
to
tell the user to set the browser proxy setting.
you see my users are remote users. is there any way that when he
authenticate to NT, then there will be no need to authenticate in ISA.
Beacuse my users are remote I prefer not to tell them to set the proxy
setting.but I want to filter the protocols by user groups. is there a
way?
with so much thanks for your pationte.
Best Regards
Babak Dashti
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Saturday, September 15, 2001 8:35 PM
To: [ISAserver.org Discussion List]
Cc: isa@xxxxxxxxxxxxxx
Subject: Re: ISA and NT Grups
(Keeping it in the list)
That configuration works because of the setting you chose in the HTTP
redirector. The disadvantage to that is that your client browser won't
be
able to authenticate because the HTTP redirector does not pass the
authentication through to the web proxy service.
If you want user authentication, you have to set the proxy information
in
the browser.
Jim Harrison
MCP(2K), A+, Network+, PCG
----- Original Message -----
From: "Babak" <isa@xxxxxxxxxxxxxx>
To: <jim@xxxxxxxxxxxx>
Sent: Saturday, September 15, 2001 2:23 AM
Subject: ISA and NT Grups
Dear Mr. Harrison
As you know, you help me and sent a response about Internet Access. I
read
other your response to one of ISA Group that it is same to my trouble
too.
You explained 4 items, therfore I configure my ISA same to your commands
but
I have to setup my proxy in IE5 too, if I interested to active my
Firewall.
In previouse configure in Extention - Http Filter properties I selected
first Item
not 3th item "SecureNat Clients ..." (that you explain in item 3 in
your
mail)
and my clients in LAN could access to Internet w/o any new
configure of IE5 or Proxy on IE5.
Now, please let me know that we are wrong in configuration or we need to
more new setup of ISA Server for Access to Internet throgh IE5 Browser
w/o
putting any proxy setting.
Best Regards
Babak Dashti
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
