I currently have an ISA Server 2006 Enterprise Edition Installed with a single NIC. I am using it as a reverse proxy and a forward proxy. All of my develpoers are in the domain admins group within the domain so they are are able to log onto the ISA server. I need to all the developers to remain in the Domain Admins group but be denied from logging on to the ISA Box locally or through their domain credentials. I want only three users to be able to log onto the server. Not sure how i can accomplish this because the useres are members of the domain admins group.