?
Solved

Internet access via GPO

Posted on 2006-04-06
11
Medium Priority
?
173 Views
Last Modified: 2010-04-18
Hello. I have a AD PDC (Server 2003 Standard) and would like to allow a specific user access to only one particular web site via GPO. Is there a way to do this?

Thank you,

Supercell
0
Comment
Question by:supercell29
  • 5
  • 3
9 Comments
 
LVL 19

Expert Comment

by:jss1199
ID: 16394770
Hi supercell29,

You can do this by setting Approved Sites through Content Advisor by importing the Content Ratings settings in User Configuration\Windows Settings\Internet Explorer Maintenance\Security and adding a list of approved sites.  Be sure to place the user in a specific OU and apply this GPO only to that OU

Cheers!
0
 

Author Comment

by:supercell29
ID: 16395586
This is great, however, even though this is assigned to a specific user in a specific OU and the GPO is assigned to the OU I am still able to surf all sites as that specific user. I rebooted the machine and still everything is viewable. In approved sites in the GPO I have the specific sites listed that this person can go to. What am I missing?
0
 

Author Comment

by:supercell29
ID: 16395637
Multiple users login to this PC. It seems that it works now, however, ALL users using this machine are restricted even though I have a specific user within that OU on the PDC.
0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 
LVL 19

Expert Comment

by:jss1199
ID: 16396200
enable "Always wait for the network at computer startup and logon" in your GPO and the client using gpupdate....Reboot and log on as a user that should be able to access Inet and test.  Then logon as the restricted user and test
0
 

Author Comment

by:supercell29
ID: 16396369
Will try this tomorrow. I will let you know then.

Thank you so far!!

sc
0
 
LVL 22

Accepted Solution

by:
mcsween earned 500 total points
ID: 16400651
While this is possible via a GPO I have experienced it being very buggy in the past.  I have a couple computers that require a little more specific lockdown other than all or nothing.  On these computers I use Cyberpatrol.
0
 

Author Comment

by:supercell29
ID: 16401661
"Always wait for the network at computer startup and logon": Where do I find this? I also cannot find gpupdate.

I will try this out before looking into Cyberpatrol.

Thanks,

Ian

0
 
LVL 19

Expert Comment

by:jss1199
ID: 16401739
"Always wait for the network at computer startup and logon" is in your domain Group Policy.  Open ADU&C and right click on your domain name and select Properties -> Group Policy - EDIT.

When your GPO comes up, select Computer Configuration -> Administrative templates -> System -> Logon.  You will see the setting at the right.  Double-click and select enable.

after making the change, on the CLIENT PC run the command gpupdate /force from start -> Run dialog.

Reboot.

test
0
 

Author Comment

by:supercell29
ID: 16401963
mcsween: The bugs still exist! Cyberpatrol will be my next option.

jss1199: Thank you for all the information, however, no dice. Even though the GPO assigned to the OU in which the specific user is located was altered with all the information you have given I still am restricted on Internet Explorer when I log in as myself (the administrator), and as another user who needs total web access. My solution is to allow the user who is allowed full web access to use Firefox while the restricted user is only allowed to use Internet Explorer via GPO restrictions. If you know of any other way please let me know. This PC will be here most of today.

SC
0

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The HP utility "HP Lights-Out Online Configuration Utility for Windows Server 2003/2008" could be of great use when it comes to remotely configure a HP servers ILO WITHOUT rebooting the server. We would only need to create and run scripts using thi…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
Integration Management Part 2
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question