• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

AD Users

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Cache] >> General >> AD Users Page: [1]
Login
Message << Older Topic   Newer Topic >>
AD Users - 23.Feb.2007 3:58:45 PM   
chrno

 

Posts: 2
Joined: 23.Feb.2007
Status: offline
My setup:

ISA is setup with a single NIC (mainly web monitoring with Websense). Then I setup WPAD using DNS and set all IE browsers to use AutoDetect. ISA Server is configured as a member server on the AD Domain.

Proxy works great. But I've got two question:
1) I've got a couple of INTERNAL web server for our intranet. How can I "exclude" them from the ISA proxy? i.e. If a user go to http://192.168.1.100, I don't want them to go through the proxy.
2) All our users have unique username to login to the AD Domain. I'll like to log the Usernames in the ISA logs. Is it possible to do this and perhaps set up a policy so that only AD Authenticated Users will be able to surf the net via ISA proxy?


Any suggestions/advice will be much appreciated!

Many thanks!

chrno
Post #: 1
RE: AD Users - 8.May2007 2:36:42 PM   
pesannason

 

Posts: 20
Joined: 4.Dec.2006
Status: offline
Hi chrno,

Best suggestion for what you want is to get another NIC card in that machine. With only one NIC everything will go through the ISA because there is only one network in the ISA's eyes.

Also when you set up with 2 NICs you will have the ability to setup the policy that will allow AD Authenticated users. You can't do it in your current state.

Don't bother with the templates, unless you are using the single NIC template. Then remove that template and  just make your own rules and you should be fine.

Hope this helps,

Pelton

(in reply to chrno)
Post #: 2
RE: AD Users - 18.Jun.2007 3:52:02 AM   
btg

 

Posts: 5
Joined: 11.Jun.2007
Status: offline
Right click your internal network and select properties.

under the webbrowser tab you can tick either bypass proxy for servers in this network, or directly access computers specified in the domains tab (this one you can custom make a list of addresses to directly access).

You can make a broader rule by specifying a domain under the domain tab where by ISA will not proxy any connections to that domain.

(in reply to pesannason)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Cache] >> General >> AD Users Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts