Message-ID: <6678348.1075857471288.JavaMail.evans@thyme> Date: Mon, 5 Mar 2001 04:57:00 -0800 (PST) From: hunter.shively@enron.com To: chris.gaskill@enron.com Subject: FW: question Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-From: Hunter S Shively X-To: Chris Gaskill X-cc: X-bcc: X-Folder: \Hunter_Shively_Jun2001\Notes Folders\'sent mail X-Origin: Shively-H X-FileName: hshivel.nsf I would like for Colin and David to create security that gives access to the site for certain users only. There are too many people logging in that we do not know. We need to begin creating this list. All Central, Texas, East, West, NYMEX desk and Chicago office traders (Richard Tomaski will provide the Chicago office names) Power traders Fundamentals Gas, Power, EIM Fred's group Lavo, Whalley, Kitchen, Frevert, If you can think of any more let me know. Can we implement the security this week? ---------------------- Forwarded by Hunter S Shively/HOU/ECT on 03/05/2001 12:47 PM --------------------------- From: David Dronet/ENRON@enronXgate on 02/28/2001 01:06 PM To: Hunter S Shively/HOU/ECT@ECT, Amanda Huble/NA/Enron@Enron, Colin Tonks/ENRON@enronXgate cc: Subject: FW: question The "banned" users should now be unable to view the site in development or production. Dave -----Original Message----- From: Spann, Christopher Sent: Wednesday, February 28, 2001 1:04 PM To: Dronet, David Cc: Tonks, Colin; Ghashghai, Dave; Hardy, Chrysti; Johnson, Glynn; Ray, Edward; Spann, Christopher; Tiner, Brent Subject: RE: question Ok, Done. Just an FYI for WebOps: gasfundy.dev.corp.enron.com and gasfundy.corp.enron.com have a special group named "Corp\Web_GasfundyBanned". This group is added at the wwwroot level and deny all is selected. This will allow David and his group to deny access to the gasfundy site to a small group of users. Thank you, -----Original Message----- From: Dronet, David Sent: Wednesday, February 28, 2001 8:25 AM To: Spann, Christopher Cc: Tonks, Colin Subject: RE: question I confirmed that this does work, could we please remove Colin from that group, and put the same restriction on the production server? Thanks, David Dronet -----Original Message----- From: Spann, Christopher Sent: Wednesday, February 28, 2001 7:31 AM To: Tonks, Colin Cc: Dronet, David Subject: RE: question You will have to close your browser and maybe even log out of your machine before the change will take place. -----Original Message----- From: Tonks, Colin Sent: Tuesday, February 27, 2001 4:52 PM To: Spann, Christopher Cc: Dronet, David Subject: RE: question I just tried and I can access both prod and dev. Colin -----Original Message----- From: Spann, Christopher Sent: Tuesday, February 27, 2001 4:50 PM To: Dronet, David Cc: Tonks, Colin Subject: RE: question Colin has is now a part of the group. Please test and let me know when to go forward. Chris -----Original Message----- From: Dronet, David Sent: Tuesday, February 27, 2001 4:46 PM To: Spann, Christopher Cc: Tonks, Colin Subject: RE: question Could we add colin tonks to that group for testing purposes? Thanks -----Original Message----- From: Spann, Christopher Sent: Tuesday, February 27, 2001 1:08 PM To: Dronet, David Subject: RE: question Ok, it is done on the dev site, please verify that the site is running as intended, and once I receive word of this, I will do the same on production. -----Original Message----- From: Dronet, David Sent: Tuesday, February 27, 2001 10:20 AM To: Spann, Christopher Subject: FW: question Chris, I was just wondering if we had proceeded with this. Thanks, David Dronet -----Original Message----- From: Dronet, David Sent: Thursday, February 22, 2001 11:08 AM To: Spann, Christopher Subject: RE: question Actually, I mean the root web, everything but the virtual directories. Ok, could we create a group called GasFundy_banned or something, and put these users in it? They would be denied access to the root of http://gasfundy.corp.enron.com and http://gasfundy.dev.corp.enron.com Greg McClendon Carey Metz James McKay Lauri Allen Ed Gottlob Gary Lamphier Danny Conner Gary Hanks -----Original Message----- From: Spann, Christopher Sent: Thursday, February 22, 2001 9:15 AM To: Dronet, David Subject: RE: question No, but you could give us a list and we could create a group for them. Will they be denied access to the entire site, or just some portions? -----Original Message----- From: Dronet, David Sent: Thursday, February 22, 2001 9:13 AM To: Spann, Christopher Subject: RE: question Hmm, I've got a unique situation where there are a group of ex-gas traders they need to block from our gas site. I don't know of a common group they belong to but could we not implicitly deny them on an individual basis? Thanks, Dave -----Original Message----- From: Spann, Christopher Sent: Thursday, February 22, 2001 7:42 AM To: Dronet, David Cc: Ghashghai, Dave; Hardy, Chrysti; Johnson, Glynn; Ray, Edward; Spann, Christopher; Tiner, Brent Subject: RE: question Not easily. We could explicitly deny access to certain groups, but many times this results in unintended users being restricted because of unexpected group memberships. Deny will always overrule allow, but it can cause quite a few problems over time. Christopher Spann, MCSE Sr Specialist, Web Operations Enron Net Works 713.345.4986 -----Original Message----- From: Dronet, David Sent: Wednesday, February 21, 2001 4:36 PM To: Webrequests@ENRON Subject: question Is it possible to deny certain users access to a site even if Everyone is the blanket access for that site? Thanks, David Dronet