https://community.cisco.com/t5/network-security/how-do-you-selectively-disable-users-validated-by-nt-domain/m-p/173884#M1060463 <HTML><HEAD></HEAD><BODY><P>Thanks kindly for your note. I'll have to check into this further.</P><P></P><P>If you are able to, this issue should be submitted as a bug / feature enhancement.</P><P></P><P>If you can query nt for whether or not they're a valid user, you should also be able to query whether or not they are members of the defined group. e.g. admins vs. guests.</P></BODY></HTML> Tue, 30 Sep 2003 21:58:53 GMT bswitzer 2003-09-30T21:58:53Z https://community.cisco.com/t5/network-security/how-do-you-selectively-disable-users-validated-by-nt-domain/m-p/173882#M1060461 <P>We are validating our sw vpn users on our 3030 via nt domain. Therefore there are no individual userids.</P><P></P><P>How can we selectively disable certain users? e.g. A few office workers not allowed to come in from home.</P><P></P><P>If this were Windows / RAS we could uncheck the dialin box on their user profile - is there some similar setting within Windows for sw VPN users?</P><P></P><P>Or even better, are these domain authenticated users authenticated against any particular nt group, from which we could then remove them?</P> Fri, 21 Feb 2020 07:00:28 GMT https://community.cisco.com/t5/network-security/how-do-you-selectively-disable-users-validated-by-nt-domain/m-p/173882#M1060461 bswitzer 2020-02-21T07:00:28Z https://community.cisco.com/t5/network-security/how-do-you-selectively-disable-users-validated-by-nt-domain/m-p/173883#M1060462 <HTML><HEAD></HEAD><BODY><P>With NT Domain Authentication, what you are trying is not possible. What you need to do is to configure the concentrator to use Radius. You could refer to <A class="jive-link-custom" href="http://www.cisco.com/warp/public/471/cisco_vpn_msradius.html" target="_blank">http://www.cisco.com/warp/public/471/cisco_vpn_msradius.html</A> and <A class="jive-link-custom" href="http://www.cisco.com/warp/public/471/vpn3k_ias.html" target="_blank">http://www.cisco.com/warp/public/471/vpn3k_ias.html</A> for more configuration information.</P></BODY></HTML> Tue, 30 Sep 2003 19:01:25 GMT https://community.cisco.com/t5/network-security/how-do-you-selectively-disable-users-validated-by-nt-domain/m-p/173883#M1060462 jsivulka 2003-09-30T19:01:25Z https://community.cisco.com/t5/network-security/how-do-you-selectively-disable-users-validated-by-nt-domain/m-p/173884#M1060463 <HTML><HEAD></HEAD><BODY><P>Thanks kindly for your note. I'll have to check into this further.</P><P></P><P>If you are able to, this issue should be submitted as a bug / feature enhancement.</P><P></P><P>If you can query nt for whether or not they're a valid user, you should also be able to query whether or not they are members of the defined group. e.g. admins vs. guests.</P></BODY></HTML> Tue, 30 Sep 2003 21:58:53 GMT https://community.cisco.com/t5/network-security/how-do-you-selectively-disable-users-validated-by-nt-domain/m-p/173884#M1060463 bswitzer 2003-09-30T21:58:53Z