Solved

Restricting Name Resolution

Posted on 2004-04-16
8
218 Views
Last Modified: 2011-09-20
Background:

I have a home network comprising 6 Win2K Pro machines, 1 Win2K server running AD, and a Draytek Vigor2600W providing ASDL access. Currently the Draytek provides DHCP and DNS services as the Server has a bad habit of crashing.

I would like to be able to set a policy on certain users not to be able to resolve names to ip's when they are logged in to any machine. I have created the policy on the Server, and assumed that if I was to disable the loading of the "DNS Client" that the machine would not be able to resolve any names. Unfortunately this does not appear to be the case. I assume that the workstation is just requesting that the Draytek router does the Name Resolution for it.

I am looking for possible workarounds.

Many Thanks
Andrew
0
Comment
Question by:Nermal
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 67

Expert Comment

by:sirbounty
ID: 10847465
For any specific sites or all?
Why would you want to do this?  Just curious if I'm following you...
0
 
LVL 1

Author Comment

by:Nermal
ID: 10847517
All sites, if I want to give access to specific sites I could easily put the in a hosts file?

This is a large family with a lot of people coming and going, ages ranging from 1 - 30 (about 15+ people)
It is really to stop the smaller kids getting to sites they shouldn't, would like to give them access to thinks like www.bbc.co.uk/cbbc/ etc

Andrew
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10847568
Will a proxy server, or something like NetNanny work for you?
0
The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

 
LVL 67

Accepted Solution

by:
sirbounty earned 250 total points
ID: 10847610
Or...
You could place this in a login script:

netsh int ip set dns "Local Area Connection" static 192.168.0.254

Start->Run->Gpedti.msc
User Config/Windows Settings/Scripts - Logon
0
 
LVL 1

Author Comment

by:Nermal
ID: 10848459
Spot on :-)

Thankyou!

Andrew
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10849158
Thanx Andrew - you'll probably need an automated way of changing that back..
I'm not sure, but think a reboot would reset it back, although a simply ipconfig /release & /renew will not...
Good luck!
0
 
LVL 1

Author Comment

by:Nermal
ID: 10849203
I have written the login script to solve that problem, but have discovered that if the user is not a local administrator then the "netsh" command returns a "invalid interface" error.

Any ideas, apart from giving people local admin rights, which I don't mind doing but would prefer not.

Andrew
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10849562
Er, if you don't mind 'revealing' your password for an admin account...

Use RUNAS..(type RUNAS /? from a command prompt).
You can use this to temporarily execute the netsh environment...
0

Featured Post

What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
This article outlines some of the reasons why an email message gets flagged as spam on a recipient's end.
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question