Re: ISA 2006

Hi,

An 'Allow All Users' rule does not require ISA to authenticate a connection
while an 'Allow only Admins' rule requires the ISA box to authenticate a
specific user. In my case I use the ISA Firewall Client to authenticate users
in my Domain (ISA is also part of the domain).
SecureNAT clients have no means to authenticate unless you use the ISA
Firewall Client on the connecting machine. ISA will terminate a connection if
it cannot authenticate the client...

Hope this helps...
--
Sven


"Darshan Diora" wrote:

Hi,
I am logging via the Admin user and issue is If i config all
authenticated users also i do not get the Terminal Desktop screen i.e not
even telnet port 3389 and if i put All users i am able to telnet port 3389.
I am not even getting the Terminal desktop login screen when defining All
authenticated users but if All users i am able to see the Terminal server
login after connnecting from the client , giving user credentials comes
after. Nothing to do with telnet rights or access as everything on the same
LAN segment.

Best Regards,
Darshan Diora



"Sven" <Sven@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:2E76AAE5-1177-4721-B714-7E1998D0405F@xxxxxxxxxxxxxxxx
Hi Darshan,

Is the user allowed to connect you? (or a group you are a member of?)
If not, you will be denied to make a connection using RDP to the ISA Server.
Keep in mind that you're defining who is allow to CONNECT to the server
using the RDP protocol. On the server you still specify if the user has
Remote Desktop rights to use Terminal Services or not...

Hope this helps
--
Sven


"Darshan Diora" wrote:

Hi,
configured ISA 2006 with Integrated Authentication. Set one Remote
desktop rule for accessing terminal services of the ISA 2006 by an ADS
user. Now the isuue is if All users set i can access but if i remove all
users and add that specific user for whom needed than no access. What
should
be the issue anything still require to take Authentication from ADS.

Best Regards,
Darshan Diora



.

Relevant Pages

  • Re: Active directory authentication
    ... One of your questions is for ISA to authenticate inbound ... ISA does this only when Web Publishing websites. ... don't have to support a large number of different Class B ... trusted machines and machines which require additional ...
    (microsoft.public.isa)
  • Re: FWCTool Reporting HTTP Error 403
    ... We have been running ISA 2004 SP2 very successfully for months. ... I ran the FWCTool to troubleshoot the connection and everything reports ... to authenticate (which we not only need but have had this configured from the ... firewall clients immediately detect the ...
    (microsoft.public.isa.clients)
  • Re: ISA 2004 & companyweb
    ... all users to authenticate" option will be un-ticked and the rule called ... access the internet unless they are members in the "Internet Users" group. ... client is sent to the ISA firewall, the ISA will use the following ... to authenticate" option and the Users element in the access rule. ...
    (microsoft.public.windows.server.sbs)
  • Re: RSS, XPathDocument and ISA proxy server
    ... A client set to allow just the web server, and use a destination set to limit it to where I download my rss from? ... Understanding the ISA 2004 Access Rule Processing ... Microsoft Internet Security & Acceleration Server: ... How do I get them to authenticate? ...
    (microsoft.public.isa)
  • Fixed (For me): Authentication not working for Protocol Rules
    ... Previously I had some problems with corrupt group policy files which caused ... > I'm having a similar problem - for some reason ISA 2004 is deciding not to ... > authenticate usernames even when required by rules. ... The Protocol rules are not. ...
    (microsoft.public.isa)