Welcome to ISAserver.org

Allowing only Specific Sites

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2000 General] >> General >> Allowing only Specific Sites

Page: [1]

Message

<< Older Topic Newer Topic >>

Allowing only Specific Sites - 4.Mar.2008 1:23:53 AM

bstranger

Posts: 14
Joined: 27.Aug.2006
Status: offline

Hey there...

Now it seem like very stupid question and a very simple solution ..........but ... its not working this time......

All i need to do is allow a specific set of Domain users specific sites only and block rest of them..... simple !!!

What i have done is ... in policy elements i have made a Destination Set , added sites i want to allow in it....... , an allow rule ... applies to ..... Speficic group .. destination My destination set only.
Now the problem is even they are authenticated users, its asking for the password for these sites .. its not allowing any other site but not even allowing the sites defined in the set n keep on asking password .........
I m just so confused ..........plz help me its really urgent

Post #: 1

Featured Links*

RE: Allowing only Specific Sites - 7.Mar.2008 11:46:00 PM

bstranger

Posts: 14
Joined: 27.Aug.2006
Status: offline

Helloooooooooooooooooooooooo

Anybody thereeee ????????

(in reply to bstranger)

Post #: 2

RE: Allowing only Specific Sites - 14.Mar.2008 12:49:53 AM

bstranger

Posts: 14
Joined: 27.Aug.2006
Status: offline

Helloo

Anyone there ?????????????

(in reply to bstranger)

Post #: 3

RE: Allowing only Specific Sites - 17.Mar.2008 1:48:12 AM

AHIT

Posts: 1561
Joined: 22.Jul.2002
From: Sydney, Australia
Status: offline

Sorry for the delay.... some of us have jobs to do... and a life to lead!

This is an easy one!
Whilst you've done exactly the right thing I'd bet $10 that the domains you've included in your destination set are NOT the only things referenced within that site.

eg: look at the source for THS thread.
Whilst we're looking at forums.isaserver.org/ blah blah blah
you'll find reference to an included image at img src at "http://banman.isoftmarketing.com/a.aspx?ZoneID=10&SiteID=1&Task=Get&Mode=HTML&PageID=99509

So if your destination set included *.isaserver.org it would also need to include isoftmarketing.com..... and quite possibly a few others.

I remember writing an article on this myself some years back titled "The case of the unusual credential popup" at http://www.ahit.com.au/index.php?option=com_content&task=view&id=50&Itemid=85
Whilst the article specifically talks about secure sites, the same principle applies.

If you were to enter some credentials that had 'access to anywhere' type privelegae when prompted, and then checked out the WEBD logs you'd see reference to the other sites that are being access from within that one URL.

Another possibility is that there's some sort of a RPC/netlogon issues between your ISA server and your domain controller such that ISA cannot verify that the user credentials entered are indeed allowed to access the site.... but I reckon it's most likely the above example.

Best O luck with it!

_____________________________

http://www.ahit.com.au/isa
(Previous nick: Tolk)

(in reply to bstranger)

Post #: 4

RE: Allowing only Specific Sites - 1.Apr.2008 2:02:51 AM

bstranger

Posts: 14
Joined: 27.Aug.2006
Status: offline

Well... thanks for the help :)

by the way problem is solved ...    wht i did is .......... i made the rule i.e

Rule name ... Action " Deny " .... and in destinations instead of allowing specific destination set .. i select. .. All except selected set... and gave my   Destination set there .. and then selected my specific users... and now its working fine :)

Another thing i wanna ask is ... wht i have heard abt ISA is   that Deny rules take preference over Allow rule..but in my case thts not happening :/

I tried Allowing all . to everything   n then in second rule ... denying some things for a group..but .. no use .. everyone get access to everything ...... until i define users specifically .

(in reply to AHIT)

Post #: 5