A guest user gets redirected
A user is redirected if their home page is the Intranet
The only host that is resolved is the domain controller (DC); and no other intranet hosts are resolved.
Windows domain authentication can take place from quarantine with minimal configuration
Configure the domain suffixes in the quarantine areas to a placeholder, such as the following:
quarantine.bad
Enter the full domain controller hostnames in the System configuration>>Accessible services area (for example, dc01.mycompany.com, dc02.mycompany.com).
Ensure that each ES has a valid, fully qualified domain name (FQDN) and that the domain portion matches the domain for the registered windows domain.
Ensure that each ES is configured with one or more valid DNS servers that can fully resolve (both A and PTR records) each ES.
Ensure that the following ports on the domain controller/active directory (DC/AD) servers are available from quarantine:
88
389
135-139
1025
Novell ZENworks Network Access Control will then lookup the Kerberos and LDAP services, and resolve those services within its own DNS server used for quarantined devices.
For example:
_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.lvh.com. 86400 IN SRV 0 100 88 dc01.lvh.com _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.lvh.com. 86400 IN SRV 0 100 389 dc01.lvh.com