We have two types of machines on our network -- some users are authenticated to AD and some users (machines) are not.
I want to provide full internet access to our AD authenticated users, but only provide limited access to the users who connect their machines to the network but don't authenticate to AD.
I don't want any of them to be presented with an authentication pop up message when rules are processed.
What I would like to have happen is:
(1) users properly authenticated to AD show as those users for rule processing
(2) users (machines) who did not authenticate to AD are assigned an assumed AD user name 'UserXXX' for rules processing
If I use a credentials rule for the network IP range to assign a default user of 'UserXXX' and assume them to be authenticated, it overrides the credentials for our users on the same network who authenticated properly with AD.
Is there a way to do what I want to do short of having DHCP assign different IP networks or ranges to the two classes of users?
Thanks