Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

What is the best way to disable internet access for certain members of a child sub domain

Posted on 2006-11-07
5
Medium Priority
?
197 Views
Last Modified: 2010-03-18
I can't just kill the gateway as it is needed to link to my email system.  I need to find a way to kill internet access altogether for a couple users only but still allow them access to LAN resources.  I do not use a proxy not do I wish to install 3rd party software.  Group Policy would be best if possible
0
Comment
Question by:chitchcock
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 2000 total points
ID: 17890089
Set a group policy that locks their proxy server to 127.0.0.1

Windows 2003 Creating and editing group policy

Group policies can be applied on a domain or an Organisational Unit, to apply a group policy in a 2003 domain environment, do the following.

On a domain controller open "Active directory Users and computers"

NOTE: As said above you can apply a GP to an OU in this instance we will deal with a domain GP, if you are concerned with a GP for an OU insert the "OU name" instead of the "Domain Name"

1. Locate the domain (top of the Tree) and right click it, then select "Properties"
2. Select the group policy Tab.
3. You will see the Default domain policy (and any other policies applied at this level)
4. You can create another domain policy by clicking "New" giving it a name and configuring it"
5. Ensure the default domain policy is highlighted and select "Edit" (unless you are working on another policy)
6. The Group policy object editor will open.
7. You can now edit the policy and close the editor when you are finished.
8. Back in the domain properties click "apply" and "OK"

Troubleshooting Group Policy in Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=B24BF2D5-0D7A-4FC5-A14D-E91D211C21B2&displaylang=en

Group Policy Infrastructure White Paper
http://www.microsoft.com/downloads/details.aspx?FamilyId=D26E88BC-D445-4E8F-AA4E-B9C27061F7CA&displaylang=en

+++++++++++++++++++++Set the Proxy

Set Proxy Server: user configuration >windows settings >internet explorer maintenance >connection >proxy settings
    NOTE Proxy IP can be set in DHCP options also (See option 252 on the scope)

0
 

Author Comment

by:chitchcock
ID: 17890143
Could GP policy be used in this case on local machines of users I wish to restrict.  Of the 200 users in this subdomain, there are only a couple that need this policy applied
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 17894034
Yes on the offending machine

Start > Run > gpedit.msc

The policy is in the same place - it will work as long as you ARE NOT specifying a proxy in domain policy
0
 

Author Comment

by:chitchcock
ID: 17909596
Seems to work.  Thank you
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 17916310
ThanQ
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question