Solved

Control Web Access by User Name

Posted on 2006-11-07
8
145 Views
Last Modified: 2010-04-18
I need to be able to control who accesses the web by network user name. I specifically want to block out all web access for certain people (or a group would work too) but I still need to be able to give them email (pop3) access.

Server is windows 2003 Server.

Any ideas?
0
Comment
Question by:bazianm
  • 2
  • 2
  • 2
8 Comments
 
LVL 6

Expert Comment

by:trippleO7
ID: 17889241
Are you running IIS, apache, or other to host your site???  and is it only domain users (internally) who you want to block and is it a public or intranet site?  Need a little more info.
0
 

Author Comment

by:bazianm
ID: 17889401
I want to be able to determine which users on my network can get outside the network to browse the web. Most of the users should not have the ability to bring up ANY INTERNET web sites (as opposed to our local intranet which is running Apache on Win2k3 server).

The users who cannot get to the web do need to be able to get and send email using pop3 so I cannot block their connections entirely. Just web access.
0
 
LVL 5

Expert Comment

by:dynamitedotorg
ID: 17889597
How do they access it at the moment? Direct connection from their PCs?

If you want to restrict by username, you'll need to put in place some form of proxy which only allows specified users to access external websites, and then only allow access from that proxy through your firewall.
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 

Author Comment

by:bazianm
ID: 17889700
Right now they go right out. I do not have a proxy server or a firewall (other than the router firewall).

Any ideas which proxy server will do the trick? And then what do I do... restrict port 80 only to the computer running the proxy server at the router level?
0
 
LVL 6

Accepted Solution

by:
trippleO7 earned 125 total points
ID: 17889791
Squid Proxy is a very popular one.  http://www.squid-cache.org

Otherwise I've installed IPCop to do this.  http://ipcop.org
0
 
LVL 5

Expert Comment

by:dynamitedotorg
ID: 17889808
You will need to restrict external access purely to the proxy on ports 80 and 443 as a minimum. Ideally you block all access from the client PCs and only open up what they actually need e.g. POP3.

As far as proxy software goes, I've use MS ISA server quite successfully, but that'll probably cost you money. If you aren't afraid to get your hands dirty I believe there is a Windows port of Squid which is free, although I've not looked at it for a few years.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now