Hi all,
I'm trying to verify the http proxy with Active Directory SSO on a test environment.
My configuration is ASG220 v7.006 + windows 2000 server SP4 + XP client PC.
On the AD I created two groups, base and filter and three users, user1, user2 and user3.
user1 belongs to the "base" group, user2 belongs to the "filter" group and user3 belogns to the default "Domain Users" only.
I followed the "HTTP Profile guide" found on the knownledge base site in order to configure the proxy with AD authentication.
So, I followed these steps:
1) configure the User->Authentication->Active Directory
2) configure the domain groups in User->Groups as AD backend membership with "limit to backend groups membership"
3) HTTP->GLobal with "Internal network" as allowed networks and operation mode "standard"
4) HTTP->Content Filter with "block everything except selection below" and nothing is selected below.
5) configure two filter action "base" and "filter" with respectively these blocked categories:
base=(Criminal_Activities,Extremistic_Sites,Drugs,Weapons,Nudity)
filter=(Community_Education_Religion,Ordering,Finance_Investing,Lifestyle,Criminal_Activities,Extremistic_Sites,Drugs,Games_Gambles,Weapons,Entertainment_Culture,Nudity,Job_Search,Medicine)
6) configure two filter assigments, "base" and "filter" with:
base=(group "base" and filter action "base")
filter=(group "filter" and filter action "filter")
7) configure one proxy profile with source network the "Internal network", filter assignments: "base", "filter" and "default filter assignment"; Fallback action "default filter action" and operation mode "Active Directory SSO"
Now, after this configuration, the proxy works well with the users user1 and user2 but the user3 is expected to be blocked on every urls, instead he can surf everywhere!!!
Probably I missed any configuration but I followed the guide found on the knownledgebase.
Someone has the same problem?
This thread was automatically locked due to age.
