Re: Webproxy using two seperate authentication methods

Tech-Archive recommends: Fix windows errors by optimizing your registry

The fix is done on the ISA server. The script to do this can be found
hrer:
http://blogs.technet.com/tristank/archive/2004/11/01/250312.aspx

Just out of curiosity, if the users have individual IDs, why not have
them use those to login as opposed to a generic login?



"=?Utf-8?B?SVNBQ0xVRUxFU1M=?=" <ISACLUELESS@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote in news:7AD6197F-93B6-40E6-BCFB-4785B7273433@xxxxxxxxxxxxx:

> Asher - thank you for your post.
>
> Here is the scenario.
> We have several workstations that auto login with a generic username
> and password. These generic user accounts have no access to the
> internet (ISA firewall policy prohibits AD Account access to
> http/https), however internet access is still required on these
> systems but we want access to be logged and tracked using users unique
> login ID's. These are the systems we need Basic authentication
> enalbed for. The other workstations are users dedicated desktops that
> they login to windows using their unique usernames and passwords.
> These are the systems we need Intergrated authentication enabled for.
> Is the registry Hack you mentioned applicable to the above situation?
> Is it located in the HKEY_CURRENT_USER Key?
>
> Thanks Again.
>
> "Asher_N" wrote:
>
>> If you use Integrated Auth, there is a reg hack that will force a
>> login prompt for anauthorized users.
>>
>> I'm not sure what you are trying to accomplish. Why require certain
>> people to login again to access the 'net? I assume that you will give
>> them a User ID and Password. That defeats the purpose and only annoys
>> the users.
>>
>> "=?Utf-8?B?SVNBQ0xVRUxFU1M=?="
>> <ISACLUELESS@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
>> news:EBF7A27A-7492-4D7B-82BD-9CD5CE9FBEAC@xxxxxxxxxxxxx:
>>
>> > Is it possible to setup ISA 2004 Webproxy to use two methods of
>> > Authentication.
>> > Scenario:
>> >
>> > I would like to be able to use basic authentication for certain AD
>> > groups so they will be prompted with
>> > a popup login box. This will be for our generic user accounts.
>> >
>> > I would also like to be able to use Integrated Authentciation for
>> > other AD groups so they will never be prompted to login. This
>> > would be for our general population of users.
>> >
>> > Is this possible, or will I have to setup two seperate ISA servers
>> > to accomplish this?
>> >
>> > Thanks..
>> >
>> >
>>
>>
>

.

Relevant Pages

  • Re: user login to one nic only on dual nic server
    ... I'm not sure what you can do for authentication for two different routes to ... ISA Server. ... > server not to allow users to login via the public NIC ...
    (microsoft.public.windows.server.setup)
  • [Full-Disclosure] Advisory: Dark Age of Camelot - Weak encryption of network traffic exposed persona
    ... Weak encryption in game client exposed customer billing and authentication ... encryption for billing information. ... The login binary has undergone several updates since then. ...
    (Full-Disclosure)
  • Re: [PHP] Is this the best way?
    ... Why is Jason schreefing again? ... maybe I should edit my authentication function... ... attempting to login. ... really be either attempting an authentication *or* outputting some ...
    (php.general)
  • Authentication Sharing Across Apps
    ... For my part "B" question that I had (Login App was not returning ... authentication to calling app), I found the solution. ... Basically, in both the Login App and Calling App Web.Config, I did ... authenticated connection with SQL server. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: [PHP] Is this the best way?
    ... Jason Pruim schreef: ... I am attempting to add a little error checking for a very simple login system. ... So maybe I should edit my authentication function... ... really be either attempting an authentication *or* outputting some message ...
    (php.general)