I'm in the process of setting up a Forefront TMG server, on one of our customers LAN.
The server is operating with only one NIC, and only as a content filtering proxy.
The problem I'm having is, that the customer wants to be able to disable, all internet access for a few select users.
I've created a usergroup containing the users, and a Web Access Policy, denying traffic on all protocols.
I've setup Integrated Authentification and added all the customers domain controllers and GC servers.
Even with the above setup, and the TMG server set as the proxy server. All internet traffic is blocked, for all users.
When I look in the logs, I see that ALL users are anonymous. Not one of them authenticates properly, even though the client machines get the "Username / Password" prompt.
I've even installed the Forefront Client, without luck.
Has anyone come across this before?