Re: Only allow authenticated domain users Internet access?


From: Herb Martin (news_at_LearnQuick.com)
Date: 02/10/05


Date: Wed, 9 Feb 2005 21:05:45 -0600


"Björn" <Bjrn@discussions.microsoft.com> wrote in message
news:DDE2E3A0-D4EA-4089-B00F-2F6CBDEF9999@microsoft.com...
> I work at a small high school (about 400 students). Our students connect to
> use portable computers with both Windows XP and Mac OS X. They connect to our
> LAN via a wireless connection with a MAC-address validation process. All
> students have an account on our domain controller (Windows2003). But many
> students choose not to log on to the domain, hence not getting essential
> network shares and global policies. I would like to stop these users from
> getting Internet access.
>
> This is how I would like it to work:
> Only users who are logged in to the domain should be allowed Internet
> access. All other users should only have access to the LAN or even better
> only to the DC.
> Is this possible to do? What kind of hardware/software do I need?

> We have looked at the ISA-server. But the firewall client needed for user
> level authentication is only available for Windows clients. This would lock
> out our Mac users, hence not an option.

You can run (what used to be called the) Web Proxy which requires
no ACTUAL new software. It will allow any browser which can
support the client to authenticate the same as when they reach any
web site.

The open standard SOCKS proxy authentication method should
also work if the clients support it.

There is also support for
If you use the actual (add-on) client software then ...
How else would you authenticate a Domain User if the machines
are not "Domain Clients"?

The limitation is not really an ISA one, but the authentication methods
and it supports at least three.

You might try the question on the ISA for specifics.

-- 
Herb Martin
> -- 
> Björn Blissing
> MSc Media Technology
> Norrköping, Sweden

