supercell29
asked on
Internet access via GPO
Hello. I have a AD PDC (Server 2003 Standard) and would like to allow a specific user access to only one particular web site via GPO. Is there a way to do this?
Thank you,
Supercell
Thank you,
Supercell
ASKER
This is great, however, even though this is assigned to a specific user in a specific OU and the GPO is assigned to the OU I am still able to surf all sites as that specific user. I rebooted the machine and still everything is viewable. In approved sites in the GPO I have the specific sites listed that this person can go to. What am I missing?
ASKER
Multiple users login to this PC. It seems that it works now, however, ALL users using this machine are restricted even though I have a specific user within that OU on the PDC.
enable "Always wait for the network at computer startup and logon" in your GPO and the client using gpupdate....Reboot and log on as a user that should be able to access Inet and test. Then logon as the restricted user and test
ASKER
Will try this tomorrow. I will let you know then.
Thank you so far!!
sc
Thank you so far!!
sc
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
"Always wait for the network at computer startup and logon": Where do I find this? I also cannot find gpupdate.
I will try this out before looking into Cyberpatrol.
Thanks,
Ian
I will try this out before looking into Cyberpatrol.
Thanks,
Ian
"Always wait for the network at computer startup and logon" is in your domain Group Policy. Open ADU&C and right click on your domain name and select Properties -> Group Policy - EDIT.
When your GPO comes up, select Computer Configuration -> Administrative templates -> System -> Logon. You will see the setting at the right. Double-click and select enable.
after making the change, on the CLIENT PC run the command gpupdate /force from start -> Run dialog.
Reboot.
test
When your GPO comes up, select Computer Configuration -> Administrative templates -> System -> Logon. You will see the setting at the right. Double-click and select enable.
after making the change, on the CLIENT PC run the command gpupdate /force from start -> Run dialog.
Reboot.
test
ASKER
mcsween: The bugs still exist! Cyberpatrol will be my next option.
jss1199: Thank you for all the information, however, no dice. Even though the GPO assigned to the OU in which the specific user is located was altered with all the information you have given I still am restricted on Internet Explorer when I log in as myself (the administrator), and as another user who needs total web access. My solution is to allow the user who is allowed full web access to use Firefox while the restricted user is only allowed to use Internet Explorer via GPO restrictions. If you know of any other way please let me know. This PC will be here most of today.
SC
jss1199: Thank you for all the information, however, no dice. Even though the GPO assigned to the OU in which the specific user is located was altered with all the information you have given I still am restricted on Internet Explorer when I log in as myself (the administrator), and as another user who needs total web access. My solution is to allow the user who is allowed full web access to use Firefox while the restricted user is only allowed to use Internet Explorer via GPO restrictions. If you know of any other way please let me know. This PC will be here most of today.
SC
You can do this by setting Approved Sites through Content Advisor by importing the Content Ratings settings in User Configuration\Windows Settings\Internet Explorer Maintenance\Security and adding a list of approved sites. Be sure to place the user in a specific OU and apply this GPO only to that OU
Cheers!