Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Web Proxy Integrated authentication
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Web Proxy Integrated authentication - 30.Jun.2005 3:37:00 AM
|
|
|
sasa.rasovic
Posts: 4
Joined: 2.Feb.2005
Status: offline
|
Hi,
I have multiple-domain environment where ISA Server is in its own domain.
I have Web Proxy clients authenticating using integrated windows method on Intenal Network object.
I have 2 rules. The first one allows only one group of forest users to access internet. The second one allows the other group. There is no rule to allow anonymus access.
I want to accomplish the following:
When I login as administrator (user that is not allowed access by either rule) to computer and try to access internet as a Web Proxy client, I want to be prompted with authentication login box from ISA server, so I can provide credentials for one of the users that are allowed access.
OK, this works when I have non-domain environment and integrated authentication fails. ISA server will prompt user for credentials.
But for me, this doesn't work in a domain environment. It seams to me that ISA will get domain credentials from a loged-in user (administrator) and deny him access according to the rule.
Does anyone have a solution for this?
Thanks in advance,
Sasa
[ June 30, 2005, 03:37 AM: Message edited by: sasa.rasovic ]
|
|
|
|
|
RE: Web Proxy Integrated authentication - 30.Jun.2005 8:03:00 AM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Sasa,
Configure the Web listener to NOT support integrated auth -- then the log on dialog box will appear.
HTH,
Tom
|
|
|
|
|
RE: Web Proxy Integrated authentication - 30.Jun.2005 8:19:00 AM
|
|
|
sasa.rasovic
Posts: 4
Joined: 2.Feb.2005
Status: offline
|
Thanks,
Did I understand you well: I should configure my Internal Network object listener for web proxy clients - not to use any kind of authentication?
Because, I want all users that are loged in with domain credentials that are allowed by rules, to be automatically allowed to browse internet.
And only users such as Admin that is not allowed by any rule to be prompted.
Sorry for over-analyzing.
Sasa
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
