RE: One logged in member using anothers credentials

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Fri, 13 Dec 2002 13:46:46 -0600

Hi Jeff,

If users are sharing credentials, you have a lot bigger problem than
Internet access control :-)

You can limit users to a single machine, which you probably should do in
type of environment you're working in now.

HTH,
Tom

Thomas W Shinder
www.isaserver.org/shinder 
http://tinyurl.com/1jq1
http://tinyurl.com/1llp

 
 


-----Original Message-----
From: Jeff Sloan [mailto:jsloan@xxxxxxxxxxxx] 
Sent: Friday, December 13, 2002 12:58 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] One logged in member using anothers credentials


http://www.ISAserver.org


I limit internet access by group membership.

If a user that does not have access loggs in to his machine and tries to
browse the web, he gets a username, password, domain prompt from ISA.

If he uses a "borrowed" user's account credentials (who does have group
membership), he gets in to the web.

Now the logs and session info shows the borrowed account as connecting,
not the account the computer is logged in as.

I want to make it harder on them. If they have someone else's passwords,
I
want them to have to sign in to the computer as that person.

If they don't, then they have acces to their own files and e-mail, and
someone elses web access.

How can I make the request for log in screen not come up for this
situation, yet still be able to log by user name?

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » One logged in member using anothers credentials
• » RE: One logged in member using anothers credentials
• » RE: One logged in member using anothers credentials
• » RE: One logged in member using anothers credentials
• » RE: One logged in member using anothers credentials

1. Home
2. isalist
3. Archive
4. 12-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---