Henning,
Thanks for the suggestion--I'll have a look at what setting up ISA
Server entails. This would certainly be the cleanest approach.
-- Steve
On Oct 27, 1:46 pm, "Henning Krause [MVP - Exchange]"
[quoted text, click to view] <newsgroups_rem...@this.infinitec.de> wrote:
> Hello,
>
> I think this is more an infrastructure question.
>
> I would suggest putting the cameras in a different subnet (or vlan) and
> protected this subnet with a firewall. Microsoft ISA Server can allow/deny
> traffic based on Windows group membership.
>
> Kind regards,
> Henning Krause
>
> <StevenVib...@hotmail.com> wrote in message
>
> news:1193403364.071883.129130@o38g2000hse.googlegroups.com...
>
>
>
> > I'm in the process of writing a WinForms application that will allow
> > viewing MJpeg streams from 30+ ip cameras located throughout our
> > facility. None of the cameras will be accessable via the internet.
>
> > Each camera has password protected access for up to 5 users. Some of
> > these camera are located in sensitive areas and I need to allow/deny
> > access to the camera based on AD group membership.
>
> > At present, I'm using System.DirectoryServices to get the user's group
> > membership and based on that membership allowing or denying access to
> > the camera. While this works, it forces me to hard code the camera's
> > password in the application and it doesn't solve the problem of a user
> > being able to enter the camera's ip address in a browser and being
> > presented with a camera log in screen. The latter is less of an issue
> > as it's unlikely that the user would be able to guess the camera's
> > username and password. However, I'd much prefer to make the camer'a
> > invisible to users that don't/shouldn't have access to these cameras.
>
> > Is there any way to limit access to specific ip addresses based on a
> > user's AD group membership? If not, does anyone have any suggestions?
>
> > Thanks -- Steve- Hide quoted text -
>
> - Show quoted text -
