[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Impossible Problem for NG?
This may be a little long-winded to explain my situation... We want to be able to track people by there Windows 2000 Active Directory usernames no matter what computer they surf from. We would like to upgrade to NG and have NG use RADIUS to tie into Active Directory through Microsoft IAS Server. Question 1: Does this authentication require users to input there username and password to access the web or does this authentication take place in the background (single sign-on)? We also have remote users that dial into Microsoft Terminal Server (with Citrix client) to gain access to our internal network. Browsing the Internet is then available to them as if they were part of our internal network. All Internet access goes out through Check Point. My understanding is that this authentication method uses IP to username mappings, and therefore when the first person logged on to Terminal Server, that person would be authenticating for all users of Terminal Server (as it is a single IP address with multiple users). Question 2 - Does anyone see any way that we can track users by their domain username when they surf the Internet, both from the corporate network and when they dial in through Terminal Server? Microsoft ISA Server was suggested, but it sucks bad, and too much functionality will be lost if we implement it. RealPlayer, Windows Media Player, QuickTime, Shockwave, etc... I want to use NG, but an "expert" told me it couldn't solve both username and Terminal Server issues. All questions, concerns, feedback, solutions are welcome. Cheers, Chris ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|