Domain authentication

Domain authentication
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
Domain authentication HiFi_Guy 10-01-2005
Posted by =?Utf-8?B?SGlGaV9HdXk=?= on October 1, 2005, 2:06 am
If you were  Registered and logged in, you could reply and use other advanced thread options
HI friends. i m running windows 2003 server having more then 300 clients.
i want users to join domain if they want to use internet, if they just log
locally
on their computers they should not be able to use internet..so any idea
about this
plz reply as soon as possible

have a nice day.


Posted by Steven L Umbach on October 1, 2005, 11:19 am
If you were  Registered and logged in, you could reply and use other advanced thread options
There is no easy solution since internet access "usually" only needs the
right default gateway IP address and does not require any sort of computer
or user authentication. There are ways to control access to switches on
those switches that support 802.1X though this requires an infrastructure
that distributes computer certificates to 802.1X capable domain computers to
use for authentication via an IAS/radius server before port access is
allowed. Microsoft Server 2000/2003 can be a Certificate Authority and IAS
server. Another solution could be to use Microsoft ISA 2004 to manage your
internet gateway. Then an ipsec require policy could possibly be configured
on the ISA 2004 server that would prevent non domain computers from
accessing it if user based rules were enabled on it or it otherwise required
communications with the client computer so that it was not just a default
gateway for the computer. The ISA 2004 newsgroup would be a good place to
ask a question about such a possibility and you can download and try ISA
2004 for free with the Evaluation Edition to see if it suits your needs. A
non technical solution would be a strict computer use policy that employees
review and sign that prohibits unauthorized computers on the network. Such
policies need to state possible consequences and be enforced to be
effective. An unauthorized computer can be a huge risk as in it could
contain a backdoor or a worm on it. --- Steve

http://www.microsoft.com/isaserver/evaluation/overview/default.mspx ---
ISA 2004
http://www.hp.com/rnd/pdf_html/guest_vlan_paper.htm --- example of 802.1X
using an HP Procurve switch

> HI friends. i m running windows 2003 server having more then 300 clients.
> i want users to join domain if they want to use internet, if they just log
> locally
> on their computers they should not be able to use internet..so any idea
> about this
> plz reply as soon as possible
>
> have a nice day.
>



Similar ThreadsPosted
802.1x and domain authentication January 5, 2009, 4:54 pm
Cross Domain Authentication - Active Directory July 18, 2006, 11:07 am
NTLM Authentication, Part Server / Domain Controller October 7, 2008, 11:43 am
Re: Fast User Switching in Domain Member mode / Authentication Tic September 25, 2005, 11:28 pm
domaine vergabe free de domains domain de eu domain name registrieren de be domain July 28, 2008, 4:14 pm
Giving access to a share folder in domain A to users in Domain B May 17, 2007, 2:22 pm
CAs: Enterprise root on parent domain, subordinate on child domain March 20, 2008, 10:28 am
In windows domain,if 'domain user' group has been remove from the May 19, 2006, 4:07 am
Domain Admin administering Domain Computers December 6, 2005, 2:58 am
Server that came from a W2000 Domain and has joined a NT Domain March 22, 2006, 2:10 pm

The site map in XML format XML site map

Contact Us | Privacy Policy