Web Proxy Integrated authentication (Full Version)

All Forums >> [ISA Server 2004 Cache] >> General



Message


sasa.rasovic -> Web Proxy Integrated authentication (30.Jun.2005 3:37:00 AM)

Hi,

I have multiple-domain environment where ISA Server is in its own domain.
I have Web Proxy clients authenticating using integrated windows method on Intenal Network object.
I have 2 rules. The first one allows only one group of forest users to access internet. The second one allows the other group. There is no rule to allow anonymus access.

I want to accomplish the following:
When I login as administrator (user that is not allowed access by either rule) to computer and try to access internet as a Web Proxy client, I want to be prompted with authentication login box from ISA server, so I can provide credentials for one of the users that are allowed access.

OK, this works when I have non-domain environment and integrated authentication fails. ISA server will prompt user for credentials.
But for me, this doesn't work in a domain environment. It seams to me that ISA will get domain credentials from a loged-in user (administrator) and deny him access according to the rule.

Does anyone have a solution for this?

Thanks in advance,

Sasa

[ June 30, 2005, 03:37 AM: Message edited by: sasa.rasovic ]




tshinder -> RE: Web Proxy Integrated authentication (30.Jun.2005 8:03:00 AM)

Hi Sasa,

Configure the Web listener to NOT support integrated auth -- then the log on dialog box will appear.

HTH,
Tom




sasa.rasovic -> RE: Web Proxy Integrated authentication (30.Jun.2005 8:19:00 AM)

Thanks,

Did I understand you well: I should configure my Internal Network object listener for web proxy clients - not to use any kind of authentication?

Because, I want all users that are loged in with domain credentials that are allowed by rules, to be automatically allowed to browse internet.
And only users such as Admin that is not allowed by any rule to be prompted.

Sorry for over-analyzing.

Sasa




Page: [1]