• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

security group member change not reflected in ISA

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> General >> security group member change not reflected in ISA Page: [1]
Login
Message << Older Topic   Newer Topic >>
security group member change not reflected in ISA - 8.Jul.2009 10:00:29 AM   
vadood

 

Posts: 11
Joined: 4.Apr.2005
Status: offline
hi,

I encountered an odd thing in my isa server today. I have rule allowing a set of people idicated in a security group in my domain to access external netowork.
Today i changed the members of that group, but the previous members (who now were removed) still had access to external network.
I enabled the logging and checked in SQL server, the users were allowed connection and  used the same rule. I restarted the firewall service and it was still the same.
It seemd that changes in group members in domain controller does not reflect in ISA server.

I have got ISA 2004 standard edition on Win 2003 server, and a win 2003 domain. connection between DC and ISA was fine.

what can be the cause?

Post #: 1
RE: security group member change not reflected in ISA - 10.Jul.2009 8:46:31 PM   
pie8ter

 

Posts: 23
Joined: 29.Sep.2008
Status: offline
If the user was logged in when you made the group membership change, he will have to log off and log back into the domain for the change to effect.  I am not sure if ISA itself checks the group and user SIDs or asks the domain controller for the verification.

(in reply to vadood)
Post #: 2
RE: security group member change not reflected in ISA - 11.Jul.2009 12:10:42 PM   
richardhicks

 

Posts: 477
Joined: 20.Jan.2009
From: Southern California
Status: offline
Could be an Active Directory replication issue as well...

_____________________________

Richard Hicks - Forefront MVP
http://tmgblog.richardhicks.com/
http://directaccess.richardhicks.com/

(in reply to pie8ter)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> General >> security group member change not reflected in ISA Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts