restrict non-domain computers

Unanswered Question
May 13th, 2008

Does anyone know if it is possible to restrict access based on domain membership or an AD Group?

The purpose is to restrict non-domain computers even if the client has a legitimate domain credential to use for authentication.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jason.spangler Wed, 05/14/2008 - 15:13

I believe you could put these PCs into a different subnet and create a policy based on the subnet.

I think so anyway.


jowolfer Wed, 05/14/2008 - 16:07

That is correct. The only way to restrict these computers would be to make a rule (above your auth group policies), that states the specific IPs / subnets are granted certain / no access.

As long as the rule is above all your auth rules, it will trigger first and take precedence. Be sure to disable WBRS for this rule as well, since there is a potential for +6 sites to be allowed.


This Discussion