Denying Dialup Access Problem

Denying Dialup Access Problem

Post by Rob » Sat, 21 May 2005 02:25:37

I'm having serious difficulties in denying access to my estate based on
Computer account, has anyone managed this?

The basic setup is a 2000/2003 estate AD on 2003 and I have a couple of
cisco 530's and a server running IAS for the dialup.

So far I have tried:

1\ Setting the Deny Access Tab in AD for the computer account.

2\ Disabling the computer account in AD.

3\ Setting a rule in IAS to deny based on group membership of the Comp
account. (I know it says user but I thought I'd give it a go).

Any help would be much appreciated.

Cheers, Rob

Denying Dialup Access Problem

Post by Manjunath » Sat, 21 May 2005 03:46:01


Use the "CallingStationId" condition in IAS to block that computer(this
will block the computer based on its MAC address).
has some details on this.

Thanks, Manju
This posting is provided "AS IS" with no warranties, and confers no rights