RE: [SLE] windows 2000 network authentication

• Previous message: Sid Boyce: "Re: [SLE] reiserfs fails"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: "SuSE Linux Distribution List (E-mail)" <suse-linux-e@suse.com>
Date: Sun, 28 Dec 2003 13:25:55 +0200

The dynamic IP should not affect the authentication.

Authentication methods
======================

The access policy and publishing rules of Microsoft Internet Security and
Acceleration (ISA) Server can be configured to allow or deny a set of
computers (client address sets) or a group of users from accessing specific
servers. If the rule applies specifically to users, then the ISA Server
checks the Web request properties for listeners on the array to determine
how the user should be authenticated.

You can configure incoming and outgoing Web request settings so that users
must always be authenticated by ISA Server before processing rules. This
ensures that requests are allowed only if the user making the request is
authenticated. For more information, see Require authentication for all Web
requests.

You can also configure which authentication method to use. You can configure
different authentication methods for incoming Web requests and for outgoing
Web requests.

ISA Server supports the following authentication methods:

Basic authentication ---->> YOUR BEST BET!
Digest authentication
Integrated Windows authentication
Client certificates and server certificates

Basic authentication
====================

The standard Hypertext Transfer Protocol (HTTP) method of authentication is
basic authentication. Basic authentication sends and receives user
information as text characters that can be easily read. While passwords and
user names are encoded, no encryption is used with basic authentication. The
following describes the authentication procedure for basic authentication:

The client prompts the user for user name and password credentials.
The credentials are then encoded by the client and sent to the server.
The user name is verified as being an account on the Microsoft Internet
Security and Acceleration (ISA) Server computer or in a trusted domain of
the ISA Server.

To configure authentication methods for Web requests
====================================================

In the console tree of ISA Management, right-click the applicable array and
then click Properties.
Where?

Internet Security and Acceleration Server
Servers and Arrays
Name
On the Incoming Web Requests tab or on the Outgoing Web Requests tab, do one
of the following:
To add an Internet protocol (IP) address and configure its properties, click
Add.
To edit the properties of an IP address properties, click the IP address,
then click Edit.
Under Authentication, do one or more of the following:
Click the Basic with this domain check box. Then, to select a domain other
than the local domain, click Select domain and type the name of the desired
domain.
Click the Digest with this domain check box. Then, to select a domain other
than the local domain, click Select domain and type the name of the desired
domain.
Click the Integrated check box.
Click the Client certificate (secure channel only) check box.
Notes

To open ISA Management, click Start, point to Programs, point to Microsoft
ISA Server, and then click ISA Management.
If more than one authentication method is selected, then the client can
authenticate using any of the specified authentication methods.
Important

Internet Explorer 5 supports all the authentication methods. Other Web
browsers may support only the Basic authentication method. Be sure that the
clients' Web browsers can use at least one of the authentication methods
that you specify in an array's incoming Web request and outgoing Web request
properties. Otherwise, the client will not be able to access the requested
object.

-----Original Message-----
From: David Robertson [mailto:David Robertson]
Sent: Saturday, December 27, 2003 7:43 AM
To: fareed@iplex.co.zw
Subject: Re: [SLE] windows 2000 network authentication

On Saturday 27 December 2003 01:43, you wrote:
> You can add clear text authentication in ISA or Proxy 2.0
> Check what other authetication types that may be available.
> You could also specify your Suse static IP in your windoz proxy.

The ip is dynamically allocated. How do I add clear text authentication in
ISA? What files do I need to edit.

Many thanks - I appreciate your help!

David

-- 
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@suse.com

• Previous message: Sid Boyce: "Re: [SLE] reiserfs fails"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]