User Sets

When creating policies, you might wish to allow or deny traffic based on a user account. Although the title of this category is user sets, you can define not only individual Windows, RADIUS, or SecurID users, but groups of Windows users. You can also choose to allow all RADIUS or SecurID users in a namespace.

Creating a User Set

Two predefined user sets exist in the Toolbox category: All Authenticated Users and All Users. All Authenticated Users are those user accounts authenticated by an Active Directory domain controller, a RADIUS server, or a SecurID authenticator. In addition, you can define your own user sets that target users and groups.

To create a user set, follow these instructions:

1. In the ISA Server Management console tree, click Firewall Policy.

2. On the Toolbox tab in the task pane, click Users, then click New.

3. On the Welcome To The New User Sets Wizard page, type a name for the new user set, then click Next.

4. On the Users page, click Add, then select the namespace—Windows Users And Groups, RADIUS, or SecurID—and identify the User, Group, or Entire Namespace from each namespace as appropriate. Click Next after you identify all users and groups.

5. On the Completing The New User Set Wizard page, review your settings, then click Finish.

6. Click Apply, then click OK to commit the changes.