Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ISA and Authentication Question...

From: Mark <firewalladmin () bellsouth net>
Date: Wed, 21 Jul 2004 06:55:41 -0400
I'm not sure how that would/could be done, a lot may depend on the
client (firewall client, secure NAT client, web proxy or all 3) but if
the noble members of this list don't know I would post the question on
www.isaserver.org. I literally cut my ISA Teeth on that site and was
never disappointed.


(oh, and for those wondering why you would want to do this... I
dunno... customers... what can you do? :-))


I can think of a reason. There are a few folks on my network that like
to use a local admin account all day and bypass login scripts and such
when they use domain accounts (which make them only users on their
machines). They inherited, by bad policy, local admin rights before I
started working there and you know how hard it is to take away something
they have always had. This would make it a real pain for them and
probably force them to log into the domain like everyone else.

Mark


On Tue, 2004-07-20 at 22:00, Wes Noonan wrote:

Got a strange question on ISA and authentication of users browsing the
Internet.

Is it possible to prevent ISA from prompting for a username when a user logs
onto the workstation using a local user account? By default ISA prompts for
authentication if integrated authentication fails. In this case, we want ISA
to simply not permit the connection at all without prompting.

I'm open to third party tools as well (I think Websense, etc. can do this
based on testing with other firewalls).

TIA.

(oh, and for those wondering why you would want to do this... I dunno...
customers... what can you do? :-))

Wes Noonan
Senior Network Consultant
832-563-3698
"Hardening Network Infrastructure"
A concise guide to securing your network
Available now at http://tinyurl.com/5852c
 


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: