Can you give some more information about the proposed solution? For example, should a VPN user only have access to certain applications? Should it be different access in the same applications? Information like that would be useful here.
Al -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mika Seitsonen Sent: Monday, November 22, 2004 2:51 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Controlling access to AD based on the network technology used Any ideas on how to control access to data based on network technology that is used to access AD. I.e. if the user is on the LAN versus when she is accessing the directory via VPN/dial-up or Web. She should have different level/authority to view and modify data stored in the AD when being attached to the LAN. I can't really think of anything else but establishing different forests/ADAMs and synchronizing the content. Alternatively, the control and different view of data should be programmed into a web application. Mika --- http://www.kouti.com <http://www.kouti.com/> List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/