Yes, it is possible, but hairy: imagine for example a website (e.g. EBay) which uses isapi.dll as part of the request path, or sites running as CGI on windows servers (where the URL contains the ".exe" keyword but it is acually HTML. Filtering by content-type (via reply_access rules) may help but poses the same challenges. In other words it can be done, but the support costs would be really high except in the most trivial cass. This is what supports the existence of a category of software products collectively known as content filters. On 5/26/09, michael hiatt <michael_hiatt@xxxxxxxxxxx> wrote: > > Hi Guys, > I'm wondering if its possible to setup two different classes of access while > still using NTLM authentication. > E.G. basic access that allows only web documents (and images and CSS) > Supervisor type access that allows downloading of .zip .exe and other > potentially harmful files (but still required for some users). > > This would be great if I could still retain the same url block lists however > and settings for mostly everything else without too much duplication. > > > Thanks in advance again guys > > Regards, > Michael > > _________________________________________________________________ > Looking to move somewhere new this winter? Let ninemsn property help > http://a.ninemsn.com.au/b.aspx?URL=http%3A%2F%2Fninemsn%2Edomain%2Ecom%2Eau%2F%3Fs%5Fcid%3DFDMedia%3ANineMSN%5FHotmail%5FTagline&_t=774152450&_r=Domain_tagline&_m=EXT -- /kinkie
