https://community.sophos.com/web-appliance/f/discussions/97427/authentication-with-ad-based-on-groupsI&acute;d like to do authentication based on groups. My appliance is a WSA500. I only want to allow internet access to users in the AD group ghttp. Is that possible? If yes, please tell me how. Thanks, Holgeren-USTelligent Community 12https://community.sophos.com/thread/385955?ContentTypeID=1Fri, 12 Oct 2018 12:11:20 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:2f3127ee-adeb-4249-b121-fdb6468abdcaPaul Nikelson<p>Thank you!! I wanted to do the same something in my site:&nbsp;<a title="https://descargar-geometrydash.com/" href="https://descargar-geometrydash.com/">https://descargar-geometrydash.com/</a>&nbsp;and I could do it.</p> <p>Now, I will try to replicate to other sites I am managing.</p><div style="clear:both;"></div>https://community.sophos.com/thread/354559?ContentTypeID=1Mon, 06 Nov 2017 09:39:52 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:f0152a08-fb40-4b09-9f90-a6f2c10a99e5Michael Dunn<p>Go to the Policy Test menu item.&nbsp; Enter in the destination and user name and test.</p> <p>If the &quot;Policy&quot; that it hits is Default Policy, then you have a problem with Default Groups.</p> <p>If the Policy is the name of one of your additional policies, you have a problem with that one, check the first tab.</p><div style="clear:both;"></div>https://community.sophos.com/thread/354479?ContentTypeID=1Sun, 05 Nov 2017 05:03:24 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:cf4c420c-0b98-4f3d-92fa-afb6e77e27faChristianZittar<p>Dear Michael,</p> <p>&nbsp;</p> <p>thanks for the informations.</p> <p>Under Default Groups I have selected the radio button, Only selectewd Entries</p> <p>Under System Authentication is Block Access</p> <p>Under Recent Activity Search I have the usernames.</p> <p>&nbsp;</p><div style="clear:both;"></div>https://community.sophos.com/thread/354392?ContentTypeID=1Fri, 03 Nov 2017 15:41:34 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:812e9a6e-b73d-4c01-b9e1-46028b143f83Michael Dunn<p>Under Default Groups, make sure that your radio button is selected as you are trying to configure.</p> <p>Under System Authentication, authentication failure, make sure that you Block access.</p> <p>&nbsp;</p> <p>If it is still allowing access that it shouldn&#39;t, under the Recent Activity Search, is it showing the usernames or the IPs?</p><div style="clear:both;"></div>https://community.sophos.com/thread/353868?ContentTypeID=1Tue, 31 Oct 2017 03:51:47 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:e6dee050-42cd-40f6-9314-34fdbe6b4532ChristianZittar<p>Thanks Karlos,</p> <p>&nbsp;</p> <p>I saw the points in the menus.</p> <p>But one question is coming up everytime:</p> <p>Why does everyone has access to the internet although I configured in the Group Policy default groups menu, that only specific groups are allowed to!?</p> <p>But I have users which are not member of this group ghttp which are still allowed to access the internet....</p> <p>Any thoughts?</p> <p>&nbsp;</p> <p>Or is your suggestion to fix it with additional Policy my solution already?</p> <p>Thanks in advance,</p> <p>Holger</p> <p>&nbsp;</p><div style="clear:both;"></div>https://community.sophos.com/thread/353824?ContentTypeID=1Mon, 30 Oct 2017 18:42:22 GMT4be5eb7d-caa4-4ff5-8e60-8f9463545a35:da493908-8ccf-4ab5-aa10-779ade246a79Karlos<p>Hi Holger,</p> <p>There&#39;s several ways to achieve this goal, here is one way:</p> <p>First, make sure you set up AD Authentication on your appliance:&nbsp;</p> <p>-&nbsp;<a href="/kb/en-us/126599" target="_blank">Sophos Web Appliance: requirements and best practices to setup authentication</a></p> <p>-&nbsp;<a href="http://wsa.sophos.com/docs/wsa/webhelp/tasks/ConfigSysActiveDirectoryAccess.html" target="_blank">Configuring Active Directory Access</a></p> <p>Then you can set up your default policy to block all</p> <p>Lastly, you can set up an Additional Policy - specify AD group&nbsp;ghttp and allow the categories you would like for them to be able to access</p> <p>Cheers,</p> <p>Karlos</p><div style="clear:both;"></div>