Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Import DC accounts + Filter websites per group/users.

Messages: 1
Karma: 0
Send a private message to this user


I downloaded Kerio Control Trial and Installed in a Windows 2003 server, the installation was fine and the product works fine. I installed in my office server, which has 2 network interfaces (one internal and one external) and is our Domain Controller.

I was able to create rules, forward ports, etc as expected.

1) However, when go to the "Users" feature and I chose to import / load my user-list from my Domain Controller I insert my credentials and it took for ever and the application keeps unstable. After that, I can close the Kerio control and even rebooting the server, when I open it again and click in "Users" features the process continue and the application stop working again. The only solution is to remove and install again, but I'm unable to import my DC accounts. Is this a well know problem? There is any workaround?

2) I could create rules to users access the internet over Kerio proxy, which enforces URL restriction, it's nice. However, I can't add different groups or users with different access levels.

For example, I want that all users being denied when accessing common search engines (the pre built-in URL policy) but I want that two users / machines (the owners of the company) have unrestricted access.

I created a user for the two owners, and when the page get blocked by Kerio Control I inserted the credentials that I created, but it says that the credential is not authorized to access this resource.

I tried a workaround, blocking port 3128 from the two owner's computers and allowing only to them full NAT to port 80 and 443, but very uncommon it continues to be redirected to the proxy. Maybe when the proxy is started all connections to port 80 and 443 are redirected to proxy bypassing the firewall rules?

How to solve this situation? I mean, I need a special groups without any website restrictions and another with the restrictions.


Messages: 7
Karma: 0
Send a private message to this user
Hi rick.k,

If I understood it right, you have installed your Kerio Control on a DC. Am I right?

If that is the case, it is not a typical setup of having your DC exposed to another application or to the public network. Over time, it is a practice that a machine that is configured to be a DC should be a dedicated one.

If its possible for you, have your Kerio Control installed on a separate machine and try setting up your Active Directory connection to your DC. This works well in my case.

Secondly, for your HTTP rules. You may simply create a separate rules for whatever policy you wanted to implement on a separate sets or groups of users. This will help you not to go over the complications of NAT, a simple internet proxy rule will do.

Hope this helps Smile
Previous Topic: DHCP Server Problem KWF 6.7.1
Next Topic: Microsoft RAS + KWF
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Nov 19 15:28:25 CET 2017

Total time taken to generate the page: 0.00435 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.