No announcement yet.

Picking up login of user

This topic is closed.
  • Filter
  • Time
  • Show
Clear All
new posts

  • Picking up login of user


    Hope you are all well.

    Our policy layout:

    Default policy > Firewall app - block rule with no conditionsDomain Admins (Default policy parent) - Firewall app - block rule to any WANDomain Policy (Default policy parent) - Multiple apps, web filtering, av etc etc

    Policy rule to point unauthenticated at default policy, domain admins group to domain admins policy and members of domain users to domain policy

    The problem I am seeing is a user is working and using the Domain policy rack. If that user then rdp's or installs software using a domain admins credentials, then after that it seems to enforce the domain admins policy. If I rdp using the normal users credentials then internet access resumes using the domain policy. I think I can understand why, but just wondering if there is a way around this? I am guessing that adding the admin account to the directory connector exceptions would actually stop the domain admin policy from apply?

    Its more a problem for domain admins who are logging in with normal accounts, and then rdp or authenticate to another program with their domain admin accounts.

    Many thanks

  • #2
    This is as expected. When the admin credentials are used, the Windows Domain server shows that as a login on IP X. Untangle gets the notification that admin is now on IP X so IP X traffic is sent on policy for admins. When the user logs in again, the IP X is reassigned.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email [email protected]