Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
restrict internet use 1
- Thread starter SMO6
- Start date
- Thread starter
- #3
If you want to control both access to the Internet and access to sites, then you'll need to go with WebSense or Screen Door, or one of the other third-party solutions. There's no way that I know of to do all that with Windows 2000. We have stopped users from running Internet Explorer by simply deleting their permission to run the application, but we haven't found any way to filter web sites without outside help.
Skip Tarrant, MCSE
Choice Solutions of Joplin
Joplin, MO, USA
Skip Tarrant, MCSE
Choice Solutions of Joplin
Joplin, MO, USA
yes, you can control from GPO, but it's very limited. Maximum char that you can enter is 255 chars.
So if you want to allow access to and you can type *.microsoft.*;*.tek-tips.* = 26 Char. The result they can go to any site that contains .microsoft. and .tek-tips.
If those site contain links to another sites they will see the red X.
So if you want to allow access to and you can type *.microsoft.*;*.tek-tips.* = 26 Char. The result they can go to any site that contains .microsoft. and .tek-tips.
If those site contain links to another sites they will see the red X.
-
1
- #6
There's a workaround (i've posted this before somewhere):
1. In the proxy settings of the IE, enter a fictitious domain, bogusdomain and port 80.
2. Now in the 'Exceptions' box type the website and other urls related to this site that you want your user to have an access.(if you're not sure which related urls, then goto 'view source' from the pop up menu.
That will do, but for advance users:
3. Start/run/gpedit.msc
goto: User Configuration/Administrative Templates/ Windows Component/Internet Explorer/Internet Control Pane/Disable the Conection page. Now Right Click 'Properties' and check 'Enable' box.
Now nobody can remove the bogusdomain port 80.
1. In the proxy settings of the IE, enter a fictitious domain, bogusdomain and port 80.
2. Now in the 'Exceptions' box type the website and other urls related to this site that you want your user to have an access.(if you're not sure which related urls, then goto 'view source' from the pop up menu.
That will do, but for advance users:
3. Start/run/gpedit.msc
goto: User Configuration/Administrative Templates/ Windows Component/Internet Explorer/Internet Control Pane/Disable the Conection page. Now Right Click 'Properties' and check 'Enable' box.
Now nobody can remove the bogusdomain port 80.
hi SMO6,
I agree with ricpinto : this tecnique (policy) I have
used to disable internet browsing to an OU of hundreds of users (against the total) in a Terminal Server Env., without disbling IE (almost difficult and useful to navigate in intranet environment) and without blank Default Gateway ( easy way but with many side-effects).
I agree with ricpinto : this tecnique (policy) I have
used to disable internet browsing to an OU of hundreds of users (against the total) in a Terminal Server Env., without disbling IE (almost difficult and useful to navigate in intranet environment) and without blank Default Gateway ( easy way but with many side-effects).
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question