To open ISA Server Management, click Start, point to
All Programs, point to Microsoft ISA Server, and then
click ISA Server Management.
For ISA Server 2006 Enterprise Edition, expand
Microsoft Internet Security and Acceleration
Server 2006, expand Arrays, expand
Array_Name, and then click Firewall
For ISA Server 2006 Standard Edition, expand Microsoft
Internet Security and Acceleration Server 2006, expand
Server_Name, and then click Firewall
To enable single sign-on (SSO), on the Authentication
Settings page of the wizard, select HTML Form
Authentication. The next page of the wizard allows you to
enable SSO and provide the SSO domain name.
When enabling SSO, be sure to provide a specific SSO domain.
Providing a generic domain, such as .co.uk, will allow the
Web browser to send the ISA Server SSO cookie to any Web site in
that domain, creating a security risk.
If you allow users to connect to ISA Server over HTTP, and then
direct that traffic over HTTPS to a published server, ISA Server
will translate HTTPS links to HTTP, which has security
implications. This is an issue for a Web listener that listens on
HTTP, or on HTTP and HTTPS. We recommend that when ISA Server is
configured to direct traffic to a published server over HTTPS, that
the corresponding Web listener be configured to listen only on
A publishing rule with a Web listener that uses a specific form
of credential validation must use a user set that is consistent
with that form of validation. For example, a publishing rule with a
Web listener that uses LDAP credential validation must also use a
user set that consists of LDAP users. It cannot include Active