Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 199
  • Last Modified:

What is the best way to disable internet access for certain members of a child sub domain

I can't just kill the gateway as it is needed to link to my email system.  I need to find a way to kill internet access altogether for a couple users only but still allow them access to LAN resources.  I do not use a proxy not do I wish to install 3rd party software.  Group Policy would be best if possible
0
chitchcock
Asked:
chitchcock
  • 3
  • 2
1 Solution
 
Pete LongConsultantCommented:
Set a group policy that locks their proxy server to 127.0.0.1

Windows 2003 Creating and editing group policy

Group policies can be applied on a domain or an Organisational Unit, to apply a group policy in a 2003 domain environment, do the following.

On a domain controller open "Active directory Users and computers"

NOTE: As said above you can apply a GP to an OU in this instance we will deal with a domain GP, if you are concerned with a GP for an OU insert the "OU name" instead of the "Domain Name"

1. Locate the domain (top of the Tree) and right click it, then select "Properties"
2. Select the group policy Tab.
3. You will see the Default domain policy (and any other policies applied at this level)
4. You can create another domain policy by clicking "New" giving it a name and configuring it"
5. Ensure the default domain policy is highlighted and select "Edit" (unless you are working on another policy)
6. The Group policy object editor will open.
7. You can now edit the policy and close the editor when you are finished.
8. Back in the domain properties click "apply" and "OK"

Troubleshooting Group Policy in Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=B24BF2D5-0D7A-4FC5-A14D-E91D211C21B2&displaylang=en

Group Policy Infrastructure White Paper
http://www.microsoft.com/downloads/details.aspx?FamilyId=D26E88BC-D445-4E8F-AA4E-B9C27061F7CA&displaylang=en

+++++++++++++++++++++Set the Proxy

Set Proxy Server: user configuration >windows settings >internet explorer maintenance >connection >proxy settings
    NOTE Proxy IP can be set in DHCP options also (See option 252 on the scope)

0
 
chitchcockAuthor Commented:
Could GP policy be used in this case on local machines of users I wish to restrict.  Of the 200 users in this subdomain, there are only a couple that need this policy applied
0
 
Pete LongConsultantCommented:
Yes on the offending machine

Start > Run > gpedit.msc

The policy is in the same place - it will work as long as you ARE NOT specifying a proxy in domain policy
0
 
chitchcockAuthor Commented:
Seems to work.  Thank you
0
 
Pete LongConsultantCommented:
ThanQ
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now