Tom_Hickerson
asked on
Restrict web browsing on Terminal Server
I have a windows 2000 server with terminal services, and I have been using the policy editor to restrict their ability to do things, but I can figure out how to not let them browse the web. I have removed the internet explorer icon, but the can still open my documents and type in an address in the address bar...
Thanks,
Tom
Thanks,
Tom
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Duh - I just saw your post house -
Also see here:
http://support.microsoft.com/support/kb/articles/Q174/3/60.ASP
Also see here:
http://support.microsoft.com/support/kb/articles/Q174/3/60.ASP
Tom_H, in the policy, under the user settings, you can restrict access to certain web sites. I take it that you already habe a OU for the TS users with an own GPO, so just set it up in this GP...
Just put permissions on Iexplore.exe. That should prevent them from browsing.
geoffryn, that's not a very good idea due to the integration if IE and the file explorer (you can switch a windows from normal file explorer to internet explorer just by changing the content of the address bar). IE is a COM object and often used as such (like, for all help pages and similar) - therefore I would not use this approach.
I think that if you did not set the browser up in Kiosk mode or use IEAK to configure that you might have to set up a dummy proxy.
So that would involve changing
1. change proxy settings in IE.
2. Set no address for the proxy server
3. set a domain that that does not need proxy in the exceptions box at the bottom.