Limiting access to an AD security group

ajclifford -> Limiting access to an AD security group (6.May.2008 7:22:07 PM)

Hello,

We have a basic ISA Server 2006 access rule set up for allowing HTTP and HTTPS traffic, except we have removed the default "All Users" group as the access rule's Condition and replaced it with our own user group we've created. This works for pretty much everyone except one user we have come across. For some reason their credentials are not getting passed to the ISA Server, so if they try to access a web page they are prompted to re-authenticate. This user has IE6 at the moment.

I've tried re-creating their profile, using Firefox, playing around with IE security settings and the like without success. If I view the ISA Server logging while testing this user, their connections show up as anonymous, and therefore are denied. If the user types their username and password into the prompted box when they first open IE and try to open a web page, everything works fine, and then in ISA Server logging they show up as DOMAIN\User as expected (until they close the IE browser down, of course).

Has anyone else come across a problem like this? I really thought it was just a bung profile on the local computer for this user, but it appears not (we don't have roaming profiles). I would really much rather not leave the rule open to "All Users" as we use a security group in AD to restrict some accounts to have no internet access.

Any help would be greatly appreciated.

Regards,
Alex




tshinder -> RE: Limiting access to an AD security group (17.Jun.2008 8:09:38 AM)

Is the machine a domain member?

Check the Event Viewer on the offending machine and see if there are any AD related events.

HTH,
Tom




ajclifford -> RE: Limiting access to an AD security group (17.Jun.2008 6:24:17 PM)

Thanks for the reply tshinder.

The computer is indeed on our domain. I checked its event log and only found 2 system errors, which are not AD related. (One was a DCOM permissions error and the other a service failing to start up.)

I'm going to get the user to try a different computer with a new profile again just to be sure, and if that works I will re-image their regular computer and start them with a fresh profile. I'll let you guys know if I have any luck.

Regards




tshinder -> RE: Limiting access to an AD security group (18.Jun.2008 12:08:34 PM)

Hi AJ,

Great!

Looking forward to seeing if that works.

Thanks!
Tom



