Results 1 to 2 of 2
  1. #1
    Newbie
    Join Date
    Apr 2022
    Posts
    1

    Default Picking up login of user

    Hi,

    Hope you are all well.

    Our policy layout:

    Default policy > Firewall app - block rule with no conditions
    Domain Admins (Default policy parent) - Firewall app - block rule to any WAN
    Domain Policy (Default policy parent) - Multiple apps, web filtering, av etc etc

    Policy rule to point unauthenticated at default policy, domain admins group to domain admins policy and members of domain users to domain policy

    The problem I am seeing is a user is working and using the Domain policy rack. If that user then rdp's or installs software using a domain admins credentials, then after that it seems to enforce the domain admins policy. If I rdp using the normal users credentials then internet access resumes using the domain policy. I think I can understand why, but just wondering if there is a way around this? I am guessing that adding the admin account to the directory connector exceptions would actually stop the domain admin policy from apply?

    Its more a problem for domain admins who are logging in with normal accounts, and then rdp or authenticate to another program with their domain admin accounts.

    Many thanks
    Simon

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,767

    Default

    This is as expected. When the admin credentials are used, the Windows Domain server shows that as a login on IP X. Untangle gets the notification that admin is now on IP X so IP X traffic is sent on policy for admins. When the user logs in again, the IP X is reassigned.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2