Solved

Control Web Access by User Name

Posted on 2006-11-07
8
148 Views
Last Modified: 2010-04-18
I need to be able to control who accesses the web by network user name. I specifically want to block out all web access for certain people (or a group would work too) but I still need to be able to give them email (pop3) access.

Server is windows 2003 Server.

Any ideas?
0
Comment
Question by:bazianm
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
8 Comments
 
LVL 6

Expert Comment

by:trippleO7
ID: 17889241
Are you running IIS, apache, or other to host your site???  and is it only domain users (internally) who you want to block and is it a public or intranet site?  Need a little more info.
0
 

Author Comment

by:bazianm
ID: 17889401
I want to be able to determine which users on my network can get outside the network to browse the web. Most of the users should not have the ability to bring up ANY INTERNET web sites (as opposed to our local intranet which is running Apache on Win2k3 server).

The users who cannot get to the web do need to be able to get and send email using pop3 so I cannot block their connections entirely. Just web access.
0
 
LVL 5

Expert Comment

by:dynamitedotorg
ID: 17889597
How do they access it at the moment? Direct connection from their PCs?

If you want to restrict by username, you'll need to put in place some form of proxy which only allows specified users to access external websites, and then only allow access from that proxy through your firewall.
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 

Author Comment

by:bazianm
ID: 17889700
Right now they go right out. I do not have a proxy server or a firewall (other than the router firewall).

Any ideas which proxy server will do the trick? And then what do I do... restrict port 80 only to the computer running the proxy server at the router level?
0
 
LVL 6

Accepted Solution

by:
trippleO7 earned 125 total points
ID: 17889791
Squid Proxy is a very popular one.  http://www.squid-cache.org

Otherwise I've installed IPCop to do this.  http://ipcop.org
0
 
LVL 5

Expert Comment

by:dynamitedotorg
ID: 17889808
You will need to restrict external access purely to the proxy on ports 80 and 443 as a minimum. Ideally you block all access from the client PCs and only open up what they actually need e.g. POP3.

As far as proxy software goes, I've use MS ISA server quite successfully, but that'll probably cost you money. If you aren't afraid to get your hands dirty I believe there is a Windows port of Squid which is free, although I've not looked at it for a few years.
0

Featured Post

Why You Need a DevOps Toolchain

IT needs to deliver services with more agility and velocity. IT must roll out application features and innovations faster to keep up with customer demands, which is where a DevOps toolchain steps in. View the infographic to see why you need a DevOps toolchain.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question