It wouldn't stop all traffic to the server, you would just have to be specific about the rules you constructed in the IPsec policy. Unless by "all traffic", you mean "all shares on the server", in which case, that's where NTFS/share permissions would come in. Laura
_____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M. Sent: Tuesday, January 09, 2007 5:25 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Shares with Computer Account Permissions Hi Laura, That’s what I thought of first but that would stop all traffic to the server, not just a particular share. Mike Thommes _____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: Tuesday, January 09, 2007 4:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Shares with Computer Account Permissions Sure. IPsec. Laura _____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of WATSON, BEN Sent: Tuesday, January 09, 2007 5:09 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Shares with Computer Account Permissions I was asked today whether it was possible to allow or deny access to shares not just based on user accounts, but also upon computer accounts. My immediate response was that I didn’t think so. So I tested it by simply creating a folder up on our file server, and added the computer account for my workstation and denying it access completely. This made no difference to my permissions when trying to access it from this workstation. So my question is this, is there any way to design access permissions in such a way so you could not only allow access to a share to a certain security group, but also to this security group only when they are accessing it on hosts that we have explicitly defined? ~Ben -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.432 / Virus Database: 268.16.7/620 - Release Date: 1/8/2007 4:12 PM -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.432 / Virus Database: 268.16.7/620 - Release Date: 1/8/2007 4:12 PM -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.5.432 / Virus Database: 268.16.7/620 - Release Date: 1/8/2007 4:12 PM -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.432 / Virus Database: 268.16.7/620 - Release Date: 1/8/2007 4:12 PM
