Locking ISA Down

I currently have an ISA Server 2006 Enterprise Edition Installed with a single NIC. I am using it as a reverse proxy and a forward proxy. All of my develpoers are in the domain admins group within the domain so they are are able to log onto the ISA server. I need to all the developers to remain in the Domain Admins group but be denied from logging on to the ISA Box locally or through their domain credentials. I want only three users to be able to log onto the server. Not sure how i can accomplish this because the useres are members of the domain admins group.  
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

dnudelmanConnect With a Mentor Commented:
Take the Doamins administrators group from the Local machine users and manually add the users you want.
If they are in the domain admins group the cannot be denied access to ISA Server.
What is the problem? Are they changing the configuration?
knabiticAuthor Commented:
Yes they are changing the config, i want to limit the changes to only a few people. On the ISA properties added a user that i wanted to have access to create and change rules and removed the local administrators group. This seemed to deny users that are Domain admins but i am not sure if i am missing somthing? Any ideas if that a viable solution?
All Courses

From novice to tech pro — start learning today.