asked on

Disabling Internet and using CD Rom Drive

I have some computers(5) on our network that need to be connected to the internet for e-mail and print connectivity. I need to restrict use of Internet Explorer and using the CD/DVD Drive on these computers, so they do not become movie machines or internet surfing machines. The only reason why these computers need to be connected is for e-mail and print capability to our network printers. Aside from bothering higher to place restrictions on AD, what can I do to the local security settings to ensure they can only check e-mail and print. Thanks in advance.

jvuz

If the really don't need the cd-rom drive, you could disconnect it in the box itself, and of course lock the box, so they can't reconnect it. For an other solution, it depends, are the pc's in a domain or workgroup?

WilliamK99

ASKER

the computers are in the domain. I was curious if there was a local setting or something I could do.

ASKER CERTIFIED SOLUTION

jvuz

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

SOLUTION

jvuz

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

r-k

You can use IE URL Lock to restrict what domains Internet Explorer can connect to:

http://ieurllock.sourceforge.net/

Rich Rumble

Users of these machines should be placed in restricted groups, like the Users group, rather than the default admin group, you can bypass AD settings if your in the admin group, and or install software like an alternate browser that ignores AD's restrictions, hosts files or proxy settings.
http://www.sysinternals.com/blog/2005/04/circumventing-group-policy-settings.html
http://www.sysinternals.com/blog/2005/12/circumventing-group-policy-as-limited.html
-rich

WilliamK99

ASKER

Thanks for your help, we were able to institute group policies, not the fix I wanted, but it did what I needed it to do.