如何使用脚本安装和配置ISA Client,并设定ISA客户端的自动侦测
2010-01-22 11:30
936 查看
如果企业需要大规模部署ISA Client,有几种方法可以进行:
1、共享ISA Client,让员工在自行安装;
2、采用SCCM进行部署;
3、加载在安装介质中,安装系统是自行安装;
4、采用脚本,通过组策略进行安装。
很多情况下,我们采用第四种方法进行,因为方法一不一定每个员工都能正常的进行安装,方法二不是每个企业都部署有SCCM,方法三不是每个系统都需要重新安装,方法四呢,现在绝大多数企业都部署有DC,客户端也是加入DC进行管理。
以下为ISA安装脚本的制作步骤:
================================
a. 下载ISA客户端:http://www.microsoft.com/DownLoads/details.aspx?displaylang=zh-cn&FamilyID=05c2c932-b15a-4990-b525-66380743da89
b. 将客户端放置在共享文件夹中,E.g. “\\fileserver\ISACLIENT-KB929556-CHS.EXE <file:///\\fileserver\ISACLIENT-KB929556-CHS.EXE>”.
c. 在命令行中运行(需要手动填写ISA服务器名):\\fileserver\ISACLIENT-KB929556-CHS.EXE <file:///\\fileserver\ISACLIENT-KB929556-CHS.EXE> /C:"setup.exe /Q /P ""SERVER_NAME_OR_IP=<ISAServerName> ENABLE_AUTO_DETECT=0 REFRESH_WEB_PROXY=0"""
更多方法可以参考 “how to distribute firewall client for ISA Server” :http://technet.microsoft.com/en-us/library/bb794739.aspx
那么如何让部署的客户端可以自动侦测到ISA服务器呢?微软官方也给出了方法:
1. Configure ISA server as the WPAD server.
1) Enable ISA server listen for Automatic Discovery request.
In ISA management console, please select “Networks” node, then right click “Internal” and select “Properties”. Select “Publish automatic discovery information” at “Auto Discovery” Tab. Please note, we need to use 80 port at “Use this port for automatic discovery requests” box since we choose DNS to create the WPAD entry.
2) Configure Bypass list.
If you hope internal clients could directly access some internal sites, you may want to add Bypass list at the “Web Browser” tab. ISA will according to the configuration to automatically change the WPAD file.
Please note, at this time, we must configure both the domain name and its IP address as below picture. Otherwise, we cannot bypass the internal sites through the WPAD file created by ISA.
3) Confirm we have enabled WPAD configuration in ISA server.
On the client, please put in <http://ISAServerInternalIPaddress/wpad.dat> at IE, it will prompt to download the wpad.dat file. It means we have enabled WPAD listen for internal requests on ISA.
2. Configure WPAD entry in DNS server.
Open the DNS console on DNS server. Expand “Forward lookup Zones”.
1) Right click “contoso.local”, select “New Host (A)…”. Add ISA server to a new host as below picture.
2) Right click “contoso.local”, select “New Alias (CNAME)…”. Add a new Alias as below and point it to ISA server.
3. Confirm the Client has enabled “Automatically Discovery settings”.
更多信息可以参考:
参考信息
1、Automatic Detection Concepts in ISA Server 2006 :http://technet.microsoft.com/en-us/library/bb794779.aspx
2、Configuring DNS and DHCP Support for Web Proxy and Firewall Client Autodiscovery:http://technet.microsoft.com/en-us/library/cc302584.aspx
1、共享ISA Client,让员工在自行安装;
2、采用SCCM进行部署;
3、加载在安装介质中,安装系统是自行安装;
4、采用脚本,通过组策略进行安装。
很多情况下,我们采用第四种方法进行,因为方法一不一定每个员工都能正常的进行安装,方法二不是每个企业都部署有SCCM,方法三不是每个系统都需要重新安装,方法四呢,现在绝大多数企业都部署有DC,客户端也是加入DC进行管理。
以下为ISA安装脚本的制作步骤:
================================
a. 下载ISA客户端:http://www.microsoft.com/DownLoads/details.aspx?displaylang=zh-cn&FamilyID=05c2c932-b15a-4990-b525-66380743da89
b. 将客户端放置在共享文件夹中,E.g. “\\fileserver\ISACLIENT-KB929556-CHS.EXE <file:///\\fileserver\ISACLIENT-KB929556-CHS.EXE>”.
c. 在命令行中运行(需要手动填写ISA服务器名):\\fileserver\ISACLIENT-KB929556-CHS.EXE <file:///\\fileserver\ISACLIENT-KB929556-CHS.EXE> /C:"setup.exe /Q /P ""SERVER_NAME_OR_IP=<ISAServerName> ENABLE_AUTO_DETECT=0 REFRESH_WEB_PROXY=0"""
更多方法可以参考 “how to distribute firewall client for ISA Server” :http://technet.microsoft.com/en-us/library/bb794739.aspx
那么如何让部署的客户端可以自动侦测到ISA服务器呢?微软官方也给出了方法:
1. Configure ISA server as the WPAD server.
1) Enable ISA server listen for Automatic Discovery request.
In ISA management console, please select “Networks” node, then right click “Internal” and select “Properties”. Select “Publish automatic discovery information” at “Auto Discovery” Tab. Please note, we need to use 80 port at “Use this port for automatic discovery requests” box since we choose DNS to create the WPAD entry.
2) Configure Bypass list.
If you hope internal clients could directly access some internal sites, you may want to add Bypass list at the “Web Browser” tab. ISA will according to the configuration to automatically change the WPAD file.
Please note, at this time, we must configure both the domain name and its IP address as below picture. Otherwise, we cannot bypass the internal sites through the WPAD file created by ISA.
3) Confirm we have enabled WPAD configuration in ISA server.
On the client, please put in <http://ISAServerInternalIPaddress/wpad.dat> at IE, it will prompt to download the wpad.dat file. It means we have enabled WPAD listen for internal requests on ISA.
2. Configure WPAD entry in DNS server.
Open the DNS console on DNS server. Expand “Forward lookup Zones”.
1) Right click “contoso.local”, select “New Host (A)…”. Add ISA server to a new host as below picture.
2) Right click “contoso.local”, select “New Alias (CNAME)…”. Add a new Alias as below and point it to ISA server.
3. Confirm the Client has enabled “Automatically Discovery settings”.
更多信息可以参考:
参考信息
1、Automatic Detection Concepts in ISA Server 2006 :http://technet.microsoft.com/en-us/library/bb794779.aspx
2、Configuring DNS and DHCP Support for Web Proxy and Firewall Client Autodiscovery:http://technet.microsoft.com/en-us/library/cc302584.aspx
相关文章推荐
- 如何使用脚本安装和配置ISA Client,并设定ISA客户端的自
- 使用shell脚本一键安装zabbix并配置客户端的自动发现选项
- redis安装,命令详解,配置详解,java客户端如何使用,都在这里
- ios无线方式安装应用程序-苹果企业证书打包的客户端如何使用plist下载
- 如何在Myeclipse下安装和使用svn客户端插件
- 如何在域环境使用脚本批量更改客户端本地管理员密码
- Git客户端图文详解如何安装配置GitHub操作流程攻略
- 如何在脚本配置环境变量后立即使用环境变量
- SVN客户端安装配置和使用(windows)
- Git客户端图文详解如何安装配置GitHub操作流程攻略
- asp.net TreeView安装、使用(如何将TreeView打包发布)(带CheckBox选择框的TreeView的初始化,TreeView客户端操作:选择父节点后自动选择所有子节点,子节点选择后自动选择父节点)(TreeView节点精确定位)2005-12-23更新
- 学习如何安装和使用 Rational Asset Manager Eclipse 客户端
- Ubuntu下安装成了客户端版本,纠结半天,教训啊,如何配置SSH服务器
- 如何在Myeclipse下安装和使用svn客户端插件
- Git客户端图文详解如何安装配置GitHub操作流程攻略
- SVN使用---服务端、客户端安装及配置、导入导出项目
- SVN客户端安装配置和使用(windows)
- Git客户端图文详解如何安装配置GitHub操作流程攻略
- 1.6.PHP7.1 女神级教程-将要与女神约会的地点【版本库客户端 git SourceTree安装配置使用】
- gitlab的安装配置以及如何使用