Application of Remote Access Policy

J

Jeff

Hi All,

Windows 2003 RRAS Server.

We have a few policies in place based o Group membership. However, only
the first policy is honored. Is this expected behavior? Or should all
policies that match be applied? The help file talked in detail about
granting/denying of a policy, but it did not mention multiple matches.

I'm approaching this like Group Policy - break a monlithic policy into
smaller policies. But as I said, RRAS does not appear to honor it.

Jeff
 
B

Bill Grant

I seem to remember this being discussed a long time ago in this ng. As I
remember, the policies are scanned in order. As soon as as a policy is found
which gives the client access, the client is connected and no further
policies are examined. So if the most general policy is the first one, the
others will never be used.
 
J

Jeff

Hi Bill,

Thanks for the quick reply.

You are correct. First match algorithm... I should have guessed as much
when I saw the policies could be ordered (moved UP and DOWN).

Thanks,
Jeff
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Remote Access Policies - Order is blocking for different access levels 1
FIX: Can't encrypt the Offline Files cache using Group Policy sett 0
RRAS Policy getting ignored 1
Question about group policy/security policy registry settings 1
Boy, did I screw up some Group Policies! 8
Deny Group Policy based on Computers 1
Help with loopback policy 2
Local group policy - access denied 0

Top