Frequently Asked Questions - Dr. Tom Shinderamp;#039;s Configuring ISA Server 1002004 [Electronic resources] نسخه متنی

اینجــــا یک کتابخانه دیجیتالی است

با بیش از 100000 منبع الکترونیکی رایگان به زبان فارسی ، عربی و انگلیسی

Dr. Tom Shinderamp;#039;s Configuring ISA Server 1002004 [Electronic resources] - نسخه متنی

Thomas W. Shinder; Debra Littlejohn Shinder

| نمايش فراداده ، افزودن یک نقد و بررسی
افزودن به کتابخانه شخصی
ارسال به دوستان
جستجو در متن کتاب
بیشتر
تنظیمات قلم

فونت

اندازه قلم

+ - پیش فرض

حالت نمایش

روز نیمروز شب
جستجو در لغت نامه
بیشتر
لیست موضوعات
توضیحات
افزودن یادداشت جدید









Frequently Asked Questions

The following Frequently Asked Questions, answered by the authors of this book, are designed to both measure your understanding of the concepts presented in this chapter and to assist you with real-life implementation of these concepts. To have your questions about this chapter answered by the author, browse to www.syngress.com/solutions and click on the 'Ask the Author' form. You will also gain access to thousands of other FAQs at ITFAQnet.com.

Q: I have configured ISA Server to block anonymous users, but when I look at the logs, I see anonymous requests. What am I doing wrong?

A: Even though you require all users to authenticate, the initial request sent by a user is sent anonymously and logged as 'anonymous.' When authentication is required, the ISA Server sends back a 407 message in response to this anonymous request ('authentication required'). Then the user responds by sending the same request again with NTLM authentication credentials. ISA Server responds with another 407 message and sends an authentication challenge. The third time, the user responds with the same request and with an authentication response. Now the connection is logged with the user's account name. However, the first two communications will be logged as from anonymous users.

Q: I have configured an alert with an action to run a specific program when the alert conditions are triggered. The event is displayed in both the Alerts window of the ISA Server Monitoring node and in the Windows event viewer, but the program did not run as expected. What happened?

A: The most likely answer is that the user account that you specified to run the program did not have the correct permissions to do so. In order to perform an alert action, the account needs to have the Logon as batch job permission. If it doesn't, the action will fail. To solve the problem, either specify a different account to run the program (one that has the Logon as batch job permission) or assign the Logon as batch job permission to the user account.

Q: I configured an alert and chose to have an e-mail notification sent to my e-mail address when the alert is trigger. The event is displayed in the Alerts window of the ISA Server Monitoring node and in the Windows event viewer, but I did not receive the e-mail message? What happened?

A: You should check the configuration of the SMTP server that you specified to send the e-mail message. If it is an external SMTP server, the e-mail notifications cannot be sent unless you first define an access rule to allow the local host to access the external SMTP server. If it is an SMTP server on the Internal network, you will have to enable the system policy rule to allow the local host network to access the Internal network using the SMTP protocol.

Q: The Dashboard shows 'No connectivity' for the entire Web (Internet) group, but when I check the Connectivity tab, only one of the five Web servers in the group shows a problem. Why did the Dashboard indicate that they were all disconnected?

A: The Dashboard gives you a 'worst case' report so that you know there is a problem with one or more servers in a group, and you know what the problem is. If any server in a group has a problem, the group status will display that problem. Remember that the Dashboard is only intended to provide an 'at a glance' overview of information. For details, you should always consult the appropriate tab (in this case, the Connectivity tab).

Q: I know I can set the refresh rates for the various tabs by selecting None, Low, Medium, or High in the right task pane. But what do those levels really mean? How often is the view refreshed at each selection?

A: If the refresh rate is set to None, the view never automatically refreshes (you can refresh it manually by clicking the Refresh button on the top toolbar or the Refresh Now icon in the right task pane). If the refresh rate is set to Low, the view is refreshed at 120 second intervals. If the refresh rate is set to Medium, the view is refreshed at 60 second intervals. If the refresh rate is set to High, the view is refreshed at 30 second intervals.

Q: I configured an alert to trigger when a DNS intrusion attempt occurs five times, by setting the Number of occurrences value to 5 on the Events tab of the DNS intrusion properties dialog box. However, I can see in the log that a DNS intrusion event did occur exactly five times, but the alert did not trigger. Why not?

A: When you set a value in the Number of occurrences field, the alert will be triggered on the next attempt after the number you specified. Thus, if you set the value to 5, the alert will not be triggered until the 6th occurrence of the event.

Q: I have set up a monthly Web Usage report to run on the last day of every month (the 31st) so I can get the data for the entire month. However, last month (September), the report did not run. Do I have to manually run a report every month in order to get the entire previous month? If I had specified the 28th (since all months have at least 28 days), I wouldn't get data for the last days on those months that have more days.

A: When the day of the month you have specified doesn't exist (e.g., September has only 30 days), the report won't run on those months that don't have that day. The solution is simple: run the report on the 1st day of every month. Since reports are created from log summaries, the data for the 1st will not yet be available on the 1st when you run the report. Thus, you will get all of the data for the previous month, regardless of how many days it has.

/ 145