Anyone guide me on something I'm trying to accomplish. Basically I want to enable NTLM to a location but only have it apply toworkstation not servers. So would be easier to check user agentWindows XP and Windows 7 /8 ??
Anyone have a sample XML I can use as a template.
// Match user agent string with operating systems Windows 2000 => (Windows NT 5.0)|(Windows 2000), Windows XP => (Windows NT 5.1)|(Windows XP), Windows Server 2003 => (Windows NT 5.2), Windows Vista => (Windows NT 6.0), Windows 7 => (Windows NT 6.1), Windows 8 => (Windows NT 6.2), Windows NT 4.0 => (Windows NT 4.0)|(WinNT4.0)|(WinNT)|(Windows NT), Windows ME => Windows ME, Open BSD => OpenBSD, Sun OS => SunOS, Linux => (Linux)|(X11), Mac OS => (Mac_PowerPC)|(Macintosh), QNX => QNX, BeOS => BeOS, OS/2 => OS/2, Search Bot=>(nuhk)|(Googlebot)|(Yammybot)|(Openbot)|(Slurp)|(MSNBot)|(AskJeeves/Teoma)|(ia_archiver)
It would be easy to check the User-Agent value, but maybe not relliable. I use it for excluding specific applications that advertise what they are (like Lync or MS updates). Many people have servers in a separate secion of their network, so that would be a more reliable way of checking.
I don't have a good list of user agents to give you, or a rule XML, but here is how I have mine set up:
This is in the top level rule set. The actual authentication happens in a sub rule set.