Denying Dialup Access Problem

Denying Dialup Access Problem

Post by Rob » Sat, 21 May 2005 02:25:37


I'm having serious difficulties in denying access to my estate based on
Computer account, has anyone managed this?

The basic setup is a 2000/2003 estate AD on 2003 and I have a couple of
cisco 530's and a server running IAS for the dialup.

So far I have tried:

1\ Setting the Deny Access Tab in AD for the computer account.

2\ Disabling the computer account in AD.

3\ Setting a rule in IAS to deny based on group membership of the Comp
account. (I know it says user but I thought I'd give it a go).

Any help would be much appreciated.

Cheers, Rob
 
 
 

Denying Dialup Access Problem

Post by Manjunath » Sat, 21 May 2005 03:46:01

Rob,

Use the "CallingStationId" condition in IAS to block that computer(this
will block the computer based on its MAC address).
http://www.yqcomputer.com/
has some details on this.

Thanks, Manju
+++++++++++++++++++++++++++++++++++++++++++++++
This posting is provided "AS IS" with no warranties, and confers no rights