matthewjones
asked on
ISA Server: 1 user needs access to 1 site ** IMPORTANT **
We are running ISA Server and I need to give a user that DOES NOT currently have web access access to a single site.
It's driving me nuts! Most users have Inet access belonging to the group 'InternetUsers'. However, this department opts to NOT allow their users web access.
But of course - 1 user needs to access a site for work related issues.
So, I need to give a single user access to a single site (which is: https://dnbweb1.blackbaud.com/OPXDONATE/donate.asp?cguid=1E59DAB5%2D28BC%2D4A57%2D8EF4%2D0BD97B9D8561&dpid=1113)
Here's what I've done but it doesn't seem to work.
1) I've created "Site & Content Rule" which has the following attributes:
a: Selected Destination Set
b: Schedule: all hours
c: Action: Allowed
d: Applies to: Users & Group Specified below
e: Content: All
The Selected Destination Set is defined as:
1) IP Address of: 208.62.89.45 (determined by pinging dnbweb1.blackbaud.com)
2) Path: /OPXDONATE/donate.asp?cgui d=1E59DAB5 %2D28BC%2D 4A57%2D8EF 4%2D0BD97B 9D8561&dpi d=1113
NOTE: I also tried leaving the path blank allowing any of the site.
** If I log on as that user (or the test user which is also defined in the rules) I get a blank page.
** The users states she still gets "Page cannot be displayed".
Also:
1) Does the Web Proxy Service need to be restarted after making changes to the 1) Destinations sets or 2) site/content rultes?
2) Is the users access dynamic? Or do they have to log off and back on again?
Thanks in advance..
Matthew Jones
It's driving me nuts! Most users have Inet access belonging to the group 'InternetUsers'. However, this department opts to NOT allow their users web access.
But of course - 1 user needs to access a site for work related issues.
So, I need to give a single user access to a single site (which is: https://dnbweb1.blackbaud.com/OPXDONATE/donate.asp?cguid=1E59DAB5%2D28BC%2D4A57%2D8EF4%2D0BD97B9D8561&dpid=1113)
Here's what I've done but it doesn't seem to work.
1) I've created "Site & Content Rule" which has the following attributes:
a: Selected Destination Set
b: Schedule: all hours
c: Action: Allowed
d: Applies to: Users & Group Specified below
e: Content: All
The Selected Destination Set is defined as:
1) IP Address of: 208.62.89.45 (determined by pinging dnbweb1.blackbaud.com)
2) Path: /OPXDONATE/donate.asp?cgui
NOTE: I also tried leaving the path blank allowing any of the site.
** If I log on as that user (or the test user which is also defined in the rules) I get a blank page.
** The users states she still gets "Page cannot be displayed".
Also:
1) Does the Web Proxy Service need to be restarted after making changes to the 1) Destinations sets or 2) site/content rultes?
2) Is the users access dynamic? Or do they have to log off and back on again?
Thanks in advance..
Matthew Jones
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Since you answered you got the points! The info there was also helpful.
Thanks
Thanks
ASKER
We had removed certain users from the Internet Access Group, so even after being filtered through site content rules they were still 'denied' at the protocol level.
I guess what I didn't realize is that you have to have access first before you can be limited to a few sites and/or re-directed. I looked at the protocol rules but didn't add the user back in there 'thinking' it would give them access to other sites. I had the concept all wrong!
Anyway - All appears to be working as desired.
I really do appreciate the site and your work.
Can I give myself the points??