Application of Remote Access Policy

  • Thread starter Thread starter Jeff
  • Start date Start date
J

Jeff

Hi All,

Windows 2003 RRAS Server.

We have a few policies in place based o Group membership. However, only
the first policy is honored. Is this expected behavior? Or should all
policies that match be applied? The help file talked in detail about
granting/denying of a policy, but it did not mention multiple matches.

I'm approaching this like Group Policy - break a monlithic policy into
smaller policies. But as I said, RRAS does not appear to honor it.

Jeff
 
I seem to remember this being discussed a long time ago in this ng. As I
remember, the policies are scanned in order. As soon as as a policy is found
which gives the client access, the client is connected and no further
policies are examined. So if the most general policy is the first one, the
others will never be used.
 
Hi Bill,

Thanks for the quick reply.

You are correct. First match algorithm... I should have guessed as much
when I saw the policies could be ordered (moved UP and DOWN).

Thanks,
Jeff
 
Back
Top