Tôi gửi bạn cách tạo 1 Access Rule Ngăn chặn và cho phép quyền sử dụng và truy cập ra vào mạng theo account của từng cá nhân trong 1 công ty.
The first Access Rule will limit users access to only the HTTP and HTTPS protocols. In addition, the users will only be able to use these protocols when accessing Microsoft operated Web properties. A custom firewall group, Limited Access Web Users, will be created
and user2, located in the Active Directory, will be placed into that Active Directory group.
Perform the following steps to create the limit user Access Rule:
1. At the ISA Server 2004 firewall computer, open the Microsoft Internet Security and Acceleration Server 2004 management console and expand the server name in the left pane of the console. Click on the Firewall Policy node. In the Task pane, click the Tasks tab. Click Create New Access Rule.
2. On the Welcome to the New Access Rule Wizard page, enter a name for the rule in the Access Rule name text box. In this example, we will call the rule Limited Users Web Access. Click Next.
3. On the Rule Action page, select Allow and click Next.
4. On the Protocols page, select Selected protocols from the This rule applies to dropdown list. Click Add.
5. In the Add Protocols dialog box, double click on the HTTP and HTTPS protocols. Click Close.
6. Click Next on the Protocols page.
7. On the Access Rule Sources page, click Add. In the Add Network Entities dialog box, click on the Networks folder. Double click on the Internal network, and click Close.
8. Click Next on the Access Rule Sources page.
9. On the Access Rule Destinations page, click Add. On the Add Network Entities dialog box, click the New menu, and click Domain Name Set.
10. In the New Domain Name Set Policy Element dialog box, click New. Enter the first domain name *.microsoft.com and press ENTER. Enter the following three domains *.msn.com, *.hotmail.com and *.windows.com. In the Name text box, enter Microsoft and click OK.
11. In the Add Network Entities dialog box, click on the Domain Name Sets folder and then double click on the Microsoft entry. Click Close.
12. On the User Sets page, select All Users entry from the This rule applies to request from the following user sets list, and click Remove. Click Add.
13. In the Add Users dialog box, click the New menu.
14. On the Welcome to the New User Sets Wizard page, enter a name for the User Set in the User set name text box. In this example, we will name the User Set Limited Web Users. Click Next.
15. On the Users page, click Add. Select the Windows users and groups option.
16. In the Select Users or Groups dialog box, click the Locations button.
17. In the Locations dialog box, expand the Entire Directory entry and click on your domain name. In this example, the domain name is msfirewall.org. Click OK.
18. In the Select Users or Groups dialog box, enter User2 in the Enter the object names to select text box and click Check Names. When the Active Directory finds the user name, it will be underlined. Click OK.
19. Click Next on the Users page.
20. Click Finish on the Completing the New User Set Wizard page.
21. Double click the Limited Web Users entry in the Add Users dialog box and click Close.
22. The Limited Web Users entry now appears in the This rule applies to requests from the following user sets list. Click Next.
23. Click Finish on the Completing the New Access Rule Wizard page.
The first Access Rule will limit users access to only the HTTP and HTTPS protocols. In addition, the users will only be able to use these protocols when accessing Microsoft operated Web properties. A custom firewall group, Limited Access Web Users, will be created
and user2, located in the Active Directory, will be placed into that Active Directory group.
Perform the following steps to create the limit user Access Rule:
1. At the ISA Server 2004 firewall computer, open the Microsoft Internet Security and Acceleration Server 2004 management console and expand the server name in the left pane of the console. Click on the Firewall Policy node. In the Task pane, click the Tasks tab. Click Create New Access Rule.
2. On the Welcome to the New Access Rule Wizard page, enter a name for the rule in the Access Rule name text box. In this example, we will call the rule Limited Users Web Access. Click Next.
3. On the Rule Action page, select Allow and click Next.
4. On the Protocols page, select Selected protocols from the This rule applies to dropdown list. Click Add.
5. In the Add Protocols dialog box, double click on the HTTP and HTTPS protocols. Click Close.
6. Click Next on the Protocols page.
7. On the Access Rule Sources page, click Add. In the Add Network Entities dialog box, click on the Networks folder. Double click on the Internal network, and click Close.
8. Click Next on the Access Rule Sources page.
9. On the Access Rule Destinations page, click Add. On the Add Network Entities dialog box, click the New menu, and click Domain Name Set.
10. In the New Domain Name Set Policy Element dialog box, click New. Enter the first domain name *.microsoft.com and press ENTER. Enter the following three domains *.msn.com, *.hotmail.com and *.windows.com. In the Name text box, enter Microsoft and click OK.
11. In the Add Network Entities dialog box, click on the Domain Name Sets folder and then double click on the Microsoft entry. Click Close.
12. On the User Sets page, select All Users entry from the This rule applies to request from the following user sets list, and click Remove. Click Add.
13. In the Add Users dialog box, click the New menu.
14. On the Welcome to the New User Sets Wizard page, enter a name for the User Set in the User set name text box. In this example, we will name the User Set Limited Web Users. Click Next.
15. On the Users page, click Add. Select the Windows users and groups option.
16. In the Select Users or Groups dialog box, click the Locations button.
17. In the Locations dialog box, expand the Entire Directory entry and click on your domain name. In this example, the domain name is msfirewall.org. Click OK.
18. In the Select Users or Groups dialog box, enter User2 in the Enter the object names to select text box and click Check Names. When the Active Directory finds the user name, it will be underlined. Click OK.
19. Click Next on the Users page.
20. Click Finish on the Completing the New User Set Wizard page.
21. Double click the Limited Web Users entry in the Add Users dialog box and click Close.
22. The Limited Web Users entry now appears in the This rule applies to requests from the following user sets list. Click Next.
23. Click Finish on the Completing the New Access Rule Wizard page.
Không có nhận xét nào:
Đăng nhận xét