[THIN] IIS Assistance
- From: adamadz <adz@xxxxxxxxxxx>
- To: thin@xxxxxxxxxxxxx
- Date: Wed, 30 Apr 2003 10:39:02 -0400
Hi all,
I have been tasked with locking down access to our Citrix Nfuse Portal
from our employees. We have the following Citrix configuration.. 3
internal MetaFrame XP servers all running the Nfuse service, two load
balanced external Nfuse servers and two load balanced external boxes
running CSG. The problem is that we need full control over who can
access the MetaFrame farm internally ONLY, externally ONLY, and over who
can access both.
So far, here's my solution:
Locking down external access: External customers must receive
instructions on how to request a certificate from our site that is
required to access the external Nfuse servers, as well as a password to
access the page to get to the request certificate script. This is
working well for us.
Locking down internal access: Since you cant specify NT group
restrictions in IIS, I changed the NTFS permissions on the file level
for the login.asp file in the Citrix iisweb directory on the internal
Nfuse/MetaFrame boxes. This covers our need as only approved internal
customers are in the NTFS permissions to access the file.
Now my question is that ever since we locked down the NTFS file
permissions on the IIS farm, it's been prompting users that DO have
access for their login credentials (username, password, domain). This
needs to be transparent and not prompt approved users for credentials to
login. Any suggestions on how to accomplish this are greatly
appreciated.
-adamadz
********************************************************
This Week's Sponsor - Emergent Online
EOL's Universal Printer new Features include:
Network Printing, Pagestreaming, 2400 DPI.
No Client Software Required!
http://www.go-eol.com/
**********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
Other related posts:
