Which portion? I want any user not configured as a group in the CAG User Groups, to not be able to use this... _____ From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Pitsch Sent: Wednesday, August 02, 2006 3:45 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Access Gateway 4.2 What is your default policy set too? Jeff Pitsch Microsoft MVP - Terminal Server Forums not enough? Get support from the experts at your business http://jeffpitschconsulting.com <http://jeffpitschconsulting.com/> On 8/2/06, Schneider, Chad M <CMSchneider@xxxxxxxxx <mailto:CMSchneider@xxxxxxxxx> > wrote: I have the Deny Access without ACL checked as well...which should stop this, "if a user does not belong to a group"..."If the deny access option is enabled, the user will not be able to establish a VPN connection. I have a floor user logon, I can hit the Gateway, from the internet, log into Web Interface, and launch applications through citrix, without fail. _____ From: thin-bounce@xxxxxxxxxxxxx <mailto:thin-bounce@xxxxxxxxxxxxx> [mailto:thin-bounce@xxxxxxxxxxxxx <mailto:thin-bounce@xxxxxxxxxxxxx> ] On Behalf Of Jeff Pitsch Sent: Wednesday, August 02, 2006 3:12 PM To: thin@xxxxxxxxxxxxx <mailto:thin@xxxxxxxxxxxxx> Subject: [THIN] Re: Access Gateway 4.2 Is this simply the CAG? You can setup groups in the CAG that would allow you to define who has access. Jeff Pitsch Microsoft MVP - Terminal Server Forums not enough? Get support from the experts at your business http://jeffpitschconsulting.com <http://jeffpitschconsulting.com/> On 8/2/06, Schneider, Chad M < CMSchneider@xxxxxxxxx <mailto:CMSchneider@xxxxxxxxx> > wrote: I have it configured for LDAP, working great...well...sort of... I want it to only allow the users/groups I grant rights to, the ability to use this...not the ENTIRE LDAP directory... Can anyone assist? Chad Schneider Technology Analyst/Citrix Admin. Bemis Company, Inc. 920-303-7609