Managing User Access on a Remote Access Server in a Workgroup (254169)

MORE INFORMATION

Remote access servers that are members of workgroups rather than domains provide the following two methods for managing user access:

• The Network and Dial-up Connections folder provides a simple user interface for managing a user's dial-in properties by configuring the Incoming Connection properties.
  
  
• The Local User Manager snap-in allows you to manage more advanced user dial-in capabilities.

Three values define user access: When you enable or disable access through the Network and Dial-up Connections user interface (by using the Make a New Connection Wizard or by setting the Incoming Connection properties after the server has been enabled), the Allow or Deny access permissions are set for the affected user. This does not override other properties, such as Account Disabled, that can be set only by the Local User Manager.

When you are using Remote Access Policy to control remote users, each user's access permission is set to the default value of Policy.

NOTE: Enabling access by using Incoming Connection properties resets that user's access permission to Allow, rather than Policy. For this reason, be cautious when you are using both Local User Manager and Network and Dial-up Connections to manage dial-in access.