Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

CE-507 with NTLM ACLs

Hi!

I'm trying to block Internet access to a set of domain users by creating a group called "nonet_users" in my PDC and assigning those users to this group. The problem is that all those users belong to at least one other domain group like "Domain_Uses". When the CE-507 queries the PDC the response is always matching the "Domain_Users" group making the HTTP request matching the "permit any" ACL line.

Let me add that i don't want to deny Internet access to all "Domain_Users" users so i can't use this group in the ACL.

access-lists 300 deny groupname nonet_users

access-lists 300 permit groupname any

access-lists enable

Regards

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: CE-507 with NTLM ACLs

1 REPLY
Bronze

Re: CE-507 with NTLM ACLs

87
Views
5
Helpful
1
Replies
CreatePlease to create content