1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Remote Access Policies

Discussion in 'Network Infrastructure' started by Daniel, Sep 21, 2009.

  1. Daniel

    Daniel Byte Poster

    236
    6
    25
    Hello guys, just thought I'd pop in and use your fountain of knowledge.

    RAPCAP..

    Example:

    Policy 1

    Day/Time: Mon - Friday
    Group: Sales

    Now, I've heard two answers to this question.

    If I meet the first condition of the policy, but not the second condition of the policy, is the policy logic finished? Or do me move onto the next policy.

    My LabSim software says in the tutorial that we move onto the next policy, but in the Q/A section, it says that the policy logic is finished, we do not check any more policies if you meet one condition of a policy but not all.

    I have a sneaking suspicion that if you do not meet all conditions of a policy or you meet some but not all of the conditions in a the policy, we move onto the next one.

    Cheers guys.
     
    Certifications: 70-270, 70-290, 70-291
    WIP: None, but learning SEO/SEM
  2. craigie

    craigie Terabyte Poster

    3,020
    173
    155
    It's a bit of both mate.

    The rules are processed in order, however if certain explicit conditions are not met then, no further rules are processed. Therefore, you have to be careful how you do the rules.

    For example, if you always wanted the Sales group to have access regardless of time and day, but the Marketing group to only have access between 9-5 M-F, you would set it up as follows:

    Policy 1 - Sales Allow Access
    Policy 2 - M-F 9-5
    Policy 3 - Marketing Allow Access
     
    Certifications: CCA | CCENT | CCNA | CCNA:S | HP APC | HP ASE | ITILv3 | MCP | MCDST | MCITP: EA | MCTS:Vista | MCTS:Exch '07 | MCSA 2003 | MCSA:M 2003 | MCSA 2008 | MCSE | VCP5-DT | VCP4-DCV | VCP5-DCV | VCAP5-DCA | VCAP5-DCD | VMTSP | VTSP 4 | VTSP 5
  3. Daniel

    Daniel Byte Poster

    236
    6
    25
    Mhm.

    I got that.

    If you meet the conditions of a policy but your denied in Active Directory, THEN the policy logic is finish.

    We do not check any other policies.
     
    Last edited: Sep 21, 2009
    Certifications: 70-270, 70-290, 70-291
    WIP: None, but learning SEO/SEM

Share This Page

Loading...