Educause Security Discussion mailing list archives
User authentication through Microsoft ISA Sever for OWA
From: "Barros, Jacob" <jkbarros () GRACE EDU>
Date: Thu, 22 Jul 2004 11:07:26 -0500
We have web filtering software in place on MS ISA server. Our Student Development department has been asking for a while for a way to tie usernames to unauthorized sites (filtered or unfiltered) for accountability. Because of our limited man hours we need a quick and easy way for them to look through the logs. The most cost-effective (free) solution for us would be to turn on authentication on the ISA server. It would require anyone not logged on to the domain to enter a username and password before using internet resources. Leaving all politics out of the equation, our tests have been outstanding with one exception. Users are pummeled with authentication prompts when checking email via Outlook Web Access. Any fixes we find seem to all be pointed in the same direction.. using SSL (which we aren't right now though it is on my list for the fall semester). We've tried using forms based authentication mentioned in the Exchange server documentation. We've also tried the 'bypass proxy for local addresses' option on clients with no change. There are much more details about this scenario but I didn't want a super long post. So, is anyone using this sort of scenario and have any opinions on how to make this work? Is our only option to use SSL? Is there a way in ISA (or clients) to tell it to 'ignore' our OWA site that we don't know about? We have only two weeks from tomorrow to make this happen so any advice would be appreciated. Jake Barros Grace College ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- User authentication through Microsoft ISA Sever for OWA Barros, Jacob (Jul 22)