Home
Certification Preparation
Microsoft
MCSA / MCSE on Windows 2003 General
Net Infra 70-291
RAP Conditions Vs Profile allow access or restrict access
aquageek
Ok, doing some practice tests and I came across a scenario.
Condtion: policy to allow access 9am to 5pm sunday through saturday.
Active Directory: User account is set to allow access
Policy: Deny Access (over ridden by AD user setting)
Profile: Restrict access to 00:00 to 24:00 monday through friday.
Why would the condition allow you to connect through the weekend when the profile is just going to restrict your access?
Find more posts tagged with
Comments
tmpruess
The RRAS server applies the permissions in the order that you listed below:
Condition
Active Directory
(RAP Policy if AD is set to Control Access through Remote Access Policy)
Profile
In order to connect to the RRAS server a user has to meet only 1 of the policies in the condition field. Usually these policies are meant to be applied to EVERYONE dialing in. So the only time anyone in the organization can access the server is between 9am - 5pm sunday - saturday unless they meet another condition.
After the AD restrictions get applied the Profile settings are checked. These settings apply more restrictions to the user's access time so the user will only be able to connect monday - friday 9am - 5pm.
Finally, to answer your question maybe the company does not want this user to have access to the company resources during the weekend but still wants other users to have the access to dail in during the weekend.
aquageek
Ok, yeah, that makes sense. Thanks!
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
