Solved

What is the best way to disable internet access for certain members of a child sub domain

Posted on 2006-11-07
5
194 Views
Last Modified: 2010-03-18
I can't just kill the gateway as it is needed to link to my email system.  I need to find a way to kill internet access altogether for a couple users only but still allow them access to LAN resources.  I do not use a proxy not do I wish to install 3rd party software.  Group Policy would be best if possible
0
Comment
Question by:chitchcock
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 500 total points
ID: 17890089
Set a group policy that locks their proxy server to 127.0.0.1

Windows 2003 Creating and editing group policy

Group policies can be applied on a domain or an Organisational Unit, to apply a group policy in a 2003 domain environment, do the following.

On a domain controller open "Active directory Users and computers"

NOTE: As said above you can apply a GP to an OU in this instance we will deal with a domain GP, if you are concerned with a GP for an OU insert the "OU name" instead of the "Domain Name"

1. Locate the domain (top of the Tree) and right click it, then select "Properties"
2. Select the group policy Tab.
3. You will see the Default domain policy (and any other policies applied at this level)
4. You can create another domain policy by clicking "New" giving it a name and configuring it"
5. Ensure the default domain policy is highlighted and select "Edit" (unless you are working on another policy)
6. The Group policy object editor will open.
7. You can now edit the policy and close the editor when you are finished.
8. Back in the domain properties click "apply" and "OK"

Troubleshooting Group Policy in Windows Server 2003
http://www.microsoft.com/downloads/details.aspx?FamilyId=B24BF2D5-0D7A-4FC5-A14D-E91D211C21B2&displaylang=en

Group Policy Infrastructure White Paper
http://www.microsoft.com/downloads/details.aspx?FamilyId=D26E88BC-D445-4E8F-AA4E-B9C27061F7CA&displaylang=en

+++++++++++++++++++++Set the Proxy

Set Proxy Server: user configuration >windows settings >internet explorer maintenance >connection >proxy settings
    NOTE Proxy IP can be set in DHCP options also (See option 252 on the scope)

0
 

Author Comment

by:chitchcock
ID: 17890143
Could GP policy be used in this case on local machines of users I wish to restrict.  Of the 200 users in this subdomain, there are only a couple that need this policy applied
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 17894034
Yes on the offending machine

Start > Run > gpedit.msc

The policy is in the same place - it will work as long as you ARE NOT specifying a proxy in domain policy
0
 

Author Comment

by:chitchcock
ID: 17909596
Seems to work.  Thank you
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 17916310
ThanQ
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Linksys 4 port wireless router 62 66
Cannot create a homegroup on my computer 7 33
Password recovery software 4 38
80072efd error while checking for updates. 20 46
A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
Resolve DNS query failed errors for Exchange
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
In a recent question (https://www.experts-exchange.com/questions/29004105/Run-AutoHotkey-script-directly-from-Notepad.html) here at Experts Exchange, a member asked how to run an AutoHotkey script (.AHK) directly from Notepad++ (aka NPP). This video…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question