OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: NT ACCESS ROLES
From: Andre Toussaint (atoussaintPOWERCOMUSA.COM)
Date: Wed Sep 20 2000 - 16:04:40 CDT


Not a 100% in the win2k environ, but prob the same as nt4.
If you were to setup a RAS server, when people dial into the RAS server, you
can limit access to just the RAS server, or allow access to network.
Sounds like what your looking for.

Your other question got me, but now that you mention it, I'd like to know
how to limit the number of times also.

andre

-----Original Message-----
From: Mitch James [mailto:mitchjAVANADE.COM]
Sent: Wednesday, September 20, 2000 10:56 AM
To: FOCUS-MSSECURITYFOCUS.COM
Subject: NT ACCESS ROLES

        The question is this: Can access be controlled via entry point into
the network (in a Windows 2k Environment). An example: A person dials in
thru a modem or comes in thru a VPN connection. Can they be given less
access to the network than if they come in thru their desktop pc. The caveat
is that there are no special group memberships or permissions. It's just
like the person went home and dialed in, they have the same NT rights just
different access points. I know I could probably put up an additional
firewall at the outside access point but would prefer not to.
        A second question that may have come up before. Controlling how many
times a person can log in to the network..
Thanks.

Mitchell James
Security Architecture
Direct 206-903-5839
Cell 303-748-7596