Anyone guide me on something I'm trying to accomplish. Basically I want to enable NTLM to a location but only have it apply toworkstation not servers. So would be easier to check user agentWindows XP and Windows 7 /8 ??
Anyone have a sample XML I can use as a template.
// Match user agent string with operating systems
Windows 2000 => (Windows NT 5.0)|(Windows 2000),
Windows XP => (Windows NT 5.1)|(Windows XP),
Windows Server 2003 => (Windows NT 5.2),
Windows Vista => (Windows NT 6.0),
Windows 7 => (Windows NT 6.1),
Windows 8 => (Windows NT 6.2),
Windows NT 4.0 => (Windows NT 4.0)|(WinNT4.0)|(WinNT)|(Windows NT),
Windows ME => Windows ME,
Open BSD => OpenBSD,
Sun OS => SunOS,
Linux => (Linux)|(X11),
Mac OS => (Mac_PowerPC)|(Macintosh),
QNX => QNX,
BeOS => BeOS,
OS/2 => OS/2,
It would be easy to check the User-Agent value, but maybe not relliable. I use it for excluding specific applications that advertise what they are (like Lync or MS updates). Many people have servers in a separate secion of their network, so that would be a more reliable way of checking.
I don't have a good list of user agents to give you, or a rule XML, but here is how I have mine set up:
This is in the top level rule set. The actual authentication happens in a sub rule set.