[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 369
  • Last Modified:

Giving the access to Gmail to internal user

We have ISA 2006, we blocked all the mail sites through Access rules. If any person wants the mail site access we will create the separate rule & give the access to his/her machine IP address, so that he/she can access mail site.
 Is there any mechanism to allow the access to only to windows user account not the IP address of the machine?  Or Is any other alternative to do this?
0
ksiva83
Asked:
ksiva83
  • 3
  • 2
1 Solution
 
sheikhfahadCommented:
hi ksiva83,

can u describe you scenario a little more, are u using domain environment?? do u want to give access to your domain users??

what i do is, i will make a group called "denywebmail" and populate all the users in it. if any user want to use mail site just kick out his user id from that group :).

Thanks
0
 
ksiva83Author Commented:
Hi Sheikh,
Yes, we have Domain Environment. We want to give site access to only particular users. Now we are giving the access to site through user IP address of the machine not the domain user account.
Is it possible in ISA 2006 to give access to domain user rather than machine IP and How can we do in ISA?
Where you are creating the group denywebmail  Is it on Domain controller or on ISA Server?
0
 
sheikhfahadCommented:
hi ksiva83

yes it possible in ISA 2006 to give access to domain user, all u need to do is to create a group "denywebmai" in Isa 2006 and put all domain user in it (or those user that u dont want to use webmail). create a rule that deny all mail site to this group. and if any user want to use webmail just remove his user id from this group.

As other choice you can create the same group "denywebmai" in Active directory , but in this case you must create an group in isa2006 add this AD group "denywebmai" into ISA2006 group.

reply if anything is unclear :)

Thanks
0
 
ksiva83Author Commented:
Hi Sheikh,

Can you help me how to create the group & push the domain users into it. As i can only create the Computer Object with IP address. I am not able to find the  access/import domain user to rule which we create in ISA..

Thanks

0
 
sheikhfahadCommented:
hi ksiva83

sorry for late response, here is how you can do this

1 - open ISA2006 and click on "Firewall policy", than on right side panel click on "Toolbox" than click on "Users".
2 - Now under the "Users" section click on "New", this will start "New User Set Wizard". give it a name "DenyWebMail" and click next.
3 - Here u can see the "Add" button, click it and select "Windows users and group..."
4 - Now click on "Location" button and select "Entire Directory" and click Ok.
5 - Now click on "Advanced" button and than click on "Find Now" button and select all AD users that you want to add. you can also select AD groups.
6 - Click Ok, Than click Ok and than "Next" and than "Finish.

Now you have an ISA group "DenyWebMail" populated with AD users. You can create an ISA rule that uses this group to restrict web mail access.

Any confusion on any steps ? reply me.

Thanks

0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now