Re: [fw-wiz] ISA and Authentication Question...
From: Mark (firewalladmin_at_bellsouth.net)
Date: 07/21/04
- Previous message: Paul D. Robertson: "Re: [fw-wiz] iso 17799"
- In reply to: Wes Noonan: "[fw-wiz] ISA and Authentication Question..."
- Next in thread: Wes Noonan: "RE: [fw-wiz] ISA and Authentication Question..."
- Reply: Wes Noonan: "RE: [fw-wiz] ISA and Authentication Question..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: wnoonan@colltech.com Date: Wed, 21 Jul 2004 06:55:41 -0400
I'm not sure how that would/could be done, a lot may depend on the
client (firewall client, secure NAT client, web proxy or all 3) but if
the noble members of this list don't know I would post the question on
www.isaserver.org. I literally cut my ISA Teeth on that site and was
never disappointed.
>(oh, and for those wondering why you would want to do this... I
>dunno... customers... what can you do? :-))
I can think of a reason. There are a few folks on my network that like
to use a local admin account all day and bypass login scripts and such
when they use domain accounts (which make them only users on their
machines). They inherited, by bad policy, local admin rights before I
started working there and you know how hard it is to take away something
they have always had. This would make it a real pain for them and
probably force them to log into the domain like everyone else.
Mark
On Tue, 2004-07-20 at 22:00, Wes Noonan wrote:
> Got a strange question on ISA and authentication of users browsing the
> Internet.
>
> Is it possible to prevent ISA from prompting for a username when a user logs
> onto the workstation using a local user account? By default ISA prompts for
> authentication if integrated authentication fails. In this case, we want ISA
> to simply not permit the connection at all without prompting.
>
> I'm open to third party tools as well (I think Websense, etc. can do this
> based on testing with other firewalls).
>
> TIA.
>
> (oh, and for those wondering why you would want to do this... I dunno...
> customers... what can you do? :-))
>
> Wes Noonan
> Senior Network Consultant
> 832-563-3698
> "Hardening Network Infrastructure"
> A concise guide to securing your network
> Available now at http://tinyurl.com/5852c
>
>
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Paul D. Robertson: "Re: [fw-wiz] iso 17799"
- In reply to: Wes Noonan: "[fw-wiz] ISA and Authentication Question..."
- Next in thread: Wes Noonan: "RE: [fw-wiz] ISA and Authentication Question..."
- Reply: Wes Noonan: "RE: [fw-wiz] ISA and Authentication Question..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
