FW_H_EnableUserMap
To enable user mapping
In the console tree of ISA Server Management, click Virtual Private Networks (VPN).
In the details pane, click the VPN Clients tab.
On the Tasks tab, click Configure VPN Client Access.
On the User Mapping tab, click Enable User Mapping.
If the user name to be mapped does not include a domain name, select When username does not contain a domain, use this domain. Then, in Domain Name, type the name of the domain to use.
Note
To open ISA Server Management, click Start, point to All Programs, point to Microsoft ISA Server, and then click ISA Server Management.
For ISA Server 2006 Enterprise Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Arrays, expand Array_Name, and then click Virtual Private Networks (VPN)
For ISA Server 2006 Standard Edition, expand Microsoft Internet Security and Acceleration Server 2006, expand Server_Name, and then click Virtual Private Networks (VPN).
Important
If the Remote Authentication Dial-In User Service (RADIUS) server and ISA Server are in different domains (or if one is in a workgroup), user mapping is supported only for Password Authentication Protocol (PAP) and Shiva Password Authentication Protocol (SPAP) authentication methods. Do not use user mapping if any other authentication method is configured.
User mapping can be used only when ISA Server is installed in a domain. Do not enable user mapping in a workgroup environment.
The user mapping feature is required only when you create a group-based firewall policy. To build a user-based policy, you can define user sets with RADIUS namespaces, instead.