• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 187
  • Last Modified:

using internet

i am NOT in a active directory environment

i am using ISA 2004 to share internet

i am looking for a centralize software to maintain the usage of internet

for example, when a user open internet explorer it will prompt for user name and password

the password prompt should come when open internet explorer only, other applications users can have access freely
anyone knows a software with this function?
0
ammadeyy
Asked:
ammadeyy
  • 2
3 Solutions
 
npinfotechCommented:
0
 
Rant32Commented:
Too bad you're not in an AD environment, this will make large-scale operation difficult. But here goes:

Obviously you can't restrict access to the internet using a firewall, because other applications need access. I think the only way around it is to force Internet Explorer to use your ISA server, which can be configured for authentication. Then you will have to make sure that the settings for the proxy server cannot be changed, by removing the Connections tab from the Internet Explorer settings.

Alternatively, you can save the text below to a .reg file (for example proxysettings.reg), and save it in a central place:

--- cut here ---
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000001
"ProxyServer"="myisaserver:8080"
"ProxyOverride"="<local>"

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel]
"ConnectionsTab"=dword:00000001

--- cut here ---

Then you can apply this registry file at user logon, with "regedit /s \\server\share\proxysettings.reg"
0
 
MichaelProCommented:
Yes you certainly can.

You need to create a user group on the ISA server and then create a FireWall policy (or edit the existing policy) to apply to that User/Group. After that this is what happens:

1-Internet Explorer contacts the gateway or proxy (ISA Server) and sends the request for the website
2-Proxy sends back the authentication 'failed' header along with the protocols it supports (e.g. Basic ,...)
3-Internet Explorer re-sends the request for the website along with the authentication protocol requested and username/password of the user running
4-ISA fails to authenticate the current user (since you are not in active directory) so Proxy sends back the authentication 'failed' header along with the protocols it supports (e.g. Basic ,...)
5-Internet Explorer Prompts for username/passowrd and user gets chance to input

Note that this is all automated. you don't need to do any configuration on the IE.

Another Note: Make sure you don't have any other firewall policy not requiring username/password with higher priority  in isa.

try and let me know

thanks,
Michael
0
 
MichaelProCommented:
hello again,

+ for other applications, enable the Firewall Client installation and add the appliation/port in the ISA Server's configuration. Then install firewall client software on the client systems. However, depending on the software (e.g. of the old software,...) they may prompt you for username/password or don't get authenticated. This is a good thing most of the times because you don't want infected systems (e.g. virus, spyware) to contact internet.
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now