Re: acces rules
- From: "Jim Harrison \(ISA SE\)" <jmharr@xxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 19 Feb 2008 15:16:56 -0800
LDAP users for access rules - can't do it; quit trying.
RPC error; some things to check:
1. Windows 2003 SP2 on ISA? Check this ISABlog:
http://blogs.technet.com/isablog/archive/2007/03/27/isa-server-and-windows-server-2003-service-pack-2.aspx.
any changes made as directed there will require a reboot.
2. Only if #1 fails to resolve the issue, you may need to disable Strict RPC
for the system policy set "Authentication". The ISA help covers this.
--
Jim Harrison (ISA SE)
This posting implies no warranty and confers no rights.
http://catb.org/~esr/faqs/smart-questions.html
"jimi hendrix" <jimihendrix@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:18468861-FC0B-4EBC-9720-BE8DE4AA21D6@xxxxxxxxxxxxxxxx
Is there anyone who can help me with this problem,..??
TIA jimi
"jimi hendrix" wrote:
Jim,
the access rule in the firewall policy has a predifined group calles all
users.
I deleted the radius and want to try AD users&comp error rcp server
unavailable.
I try LDAP authentication this works but when I delete the "all users" and
save the settings, windows says LDAP cannot be used for this , use another
group or another protocol.
can you help me out here,
thanks for all the comments
jimi
"Jim Harrison (ISA SE)" wrote:
You cannot combine RADIUS auth and Windows users.
--
Jim Harrison (ISA SE)
This posting implies no warranty and confers no rights.
http://catb.org/~esr/faqs/smart-questions.html
"jimi hendrix" <jimihendrix@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:A073865D-C06B-4EF0-8323-2B7F5079ED72@xxxxxxxxxxxxxxxx
Is there anyone who can help me out here,
AT this moment I have RADIUS configured to authentiate, but I need AD
users&comp available to add the group I need to add.
best regards and TIA
jimi
"jimi hendrix" wrote:
Isa server was a member before the isa software was installed.
I am just not able to add any domain user or group in any kind a way..
thanks for all you comments by the way..
jimi
"Jim Harrison (ISA SE)" wrote:
Since your ISA is a domain member, there is no reason to use
anything
but
domain user groups.
The RPC error is a failure of your ISA to communicate with the DC.
Did you join the server to the domain before or after you installed
ISA?
--
Jim Harrison (ISA SE)
This posting implies no warranty and confers no rights.
http://catb.org/~esr/faqs/smart-questions.html
"jimi hendrix" <jimihendrix@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:94C5A7E1-230A-41AB-BFFF-44EA54556069@xxxxxxxxxxxxxxxx
Jim,
windows authetication one of the other 3 options
windows users & groups
ldap
radius
secure id
gives me error:
Windows cannot proces the object with the name"internet access"
because
of
the following error: RPC server is unavailable.
and can I use radius for windows user group authentication as
another
option?
best regards
jimi
"Jim Harrison (ISA SE)" wrote:
Don't associate your users with an LDAP group in ISA.
--
Jim Harrison (ISA SE)
This posting implies no warranty and confers no rights.
http://catb.org/~esr/faqs/smart-questions.html
"jimi hendrix" <jimihendrix@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:86197D4F-DB4A-4006-8F2A-140BD3307AE7@xxxxxxxxxxxxxxxx
Jim,
ISA is a member of my domain .
Its was a member even before I installed the ISA 2006 software.
What more can I do,...
best regards
Jimi
"Jim Harrison (ISA SE)" wrote:
Add ISA to your domain and stop trying to use LDAP.
--
Jim Harrison (ISA SE)
This posting implies no warranty and confers no rights.
http://catb.org/~esr/faqs/smart-questions.html
"jimi hendrix" <jimihendrix@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:75C783F3-FC46-49CA-A9B3-C6C9895711C4@xxxxxxxxxxxxxxxx
Jim,
But the group is related to an LDAP auth, this group exists in
my
AD.
Windows auth gives errors to.
How can I add users/ usergroups to this accesgroup for internet
access..?
best regards
Jimi
"Jim Harrison (ISA SE)" wrote:
The error "the authentication method (LDAP) selected for user
set
internet
full is not valid for an access rule" is the critical point.
You've defined this user set as being related to an LDAP
authentication.
As stated in the error, this condition is not allowed for
access
rules.
--
Jim Harrison (ISA SE)
This posting implies no warranty and confers no rights.
http://catb.org/~esr/faqs/smart-questions.html
"jimi hendrix" <jimihendrix@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote
in
message
news:27430DAD-B081-4172-8245-97B28D0182A8@xxxxxxxxxxxxxxxx
My Friends,
I have a problem adding a usergroup to the acces rule for my
firewall
policy.
the group is called Internet full and contains all the users
on my
domain
that have internet access.
error when adding the users using windows auth: RPC server
unavailable
error when adding the users using LDAP auth : the
authentication
method
(LDAP) selected for user set internet full is not valid for an
access
rule.
I run ISA 2006 standard edition, on a windows 2003 server in a
2000/2003
mixed AD domain.
Isa is configured with 1 NIC as a proxy server , the isa
server is
on
my
LAN.
can anyone help me out here please,..al your comments are very
welcome
best regards
Jimi
.
- Follow-Ups:
- Re: acces rules
- From: jimi hendrix
- Re: acces rules
- References:
- Re: acces rules
- From: Jim Harrison \(ISA SE\)
- Re: acces rules
- From: jimi hendrix
- Re: acces rules
- From: jimi hendrix
- Re: acces rules
- Prev by Date: Re: acces rules
- Next by Date: Newbie Help
- Previous by thread: Re: acces rules
- Next by thread: Re: acces rules
- Index(es):
Relevant Pages
|
