Authentication Problem

Hi,

I want to enable authtentication feature on a ISA 2000 server installed on a
Win2k SP4 member server part of a Wink2 Domain but experience the following:

- The default Allow All rule which is already there.

- I created a Site and Content rules for a specific user group and want to
disable the Allow All rule in order to "control" the anonymous access. Let's
call it DirectorsAccess Rule

- I added a Windows update Site and Content rules linked to a Destination
Set which will allow anonymous software to get updated files like Windows
Updates, AVG Anti-Virus, Adobe Reader, Adaware and so on... Let' call it
WindowsUpdate

-Finally I have a Site and Content rules for another group of users which
deny everything but a Destination set list. This one is called
EmployesAccess.

If I enable authentication and it's exactly what I want to do (because I
already setup 2 other ISA servers that way before whitout any problem) , I
have this:

Windows Update doesn't work which means I can't update several softwares
with an anonymous connection. It seems not to allow anonymous connection
though it works fine when authentication is off ?!!?

The Directors and Employes Site and Content rules work just fine. This means
Directors can visit any site and employes are allowed only the ones defined
in the Destination Set list and can't go anywhere else.

If I disable the Allow All Site and Content rules, ISA keeps prompting for
username and password but seems not to recocnize domain users??? Even
anonymous??? So I have to keep it enabled...

So with authentication ON and Allow All enabled, WindowsUpdate Site and
Content rules doesn't work.

With authentication ON and Allow All OFF, ISA keeps prompting for
authentication any connection out.

With authentication OFF and Allow All OFF, ISA keeps prompting for
authentication any connection out.

It's seems obvious the problem is the authentication process but how can I
check that? hit what tools? I mean it seems that it doesn't recocnize domain
users but the server is part of the domain and like I said, I did that kind
of setup twice before and it was working fine. I know that I first have to
check the authentication process between the ISA server and the Domain
server but how?

Thanks in advance.

Steve amirault









.

Relevant Pages

  • Re: VPN with SBS Premuim
    ... Windows 2003 SP2 networking issues, and then re-ran the CEICW again this time ... I understand that after installing ISA 2004 on the SBS ... server, VPN does not work. ... if you installed SP2 on the SBS server without ...
    (microsoft.public.windows.server.sbs)
  • RE: Beginners Questions
    ... We do use Windows form on the presentation layer which is on ... terminal server and call web services on the business logic side. ... of using "proxy" authentication on SQL Server. ... > I have written an app with a Windows Forms UI that is deployed to clients ...
    (microsoft.public.dotnet.distributed_apps)
  • Re: DHCP Issues. Very strange
    ... default order of rule in ISA 2004. ... Windows SharePoint Services intranet site, ... server certificate on Web server name column and then click Next. ... This newsgroup only focuses on SBS technical issues. ...
    (microsoft.public.windows.server.sbs)
  • Re: Need help configuring Wireless Connection profile
    ... and I can only use the intel OR windows utility, not both at the same time. ... Windows authentication for all users,4129,LRG\ryanv,4149,Wireless WPA2 ... SMALL BUSINESS SERVER: ... STEP #1 Install Certificate Services ...
    (microsoft.public.windowsxp.general)
  • Re: EAP-TLS with windows CE
    ... The AP was sending out an Identity Request every second, ... request to the identification server. ... When the server asks the Windows CE device to identify itself, ... I could easily steal your authentication information. ...
    (microsoft.public.windowsce.platbuilder)
Loading