Solved

Group policy in Windows 2003 server and Active Directory

Posted on 2007-04-07
11
276 Views
Last Modified: 2008-02-01
How can I block the downloading of files from Internet by clients using MS Windows 2003 server AD and Group policy? I am using Server 2003 Enterprise Edition.
0
Comment
Question by:shahidaeng
  • 7
  • 4
11 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 500 total points
ID: 18869041
Hello shahidaeng,

Farm out this registry key http://www.pctools.com/guides/registry/detail/901/ via GPO

Distribute Registry Entries via Grop policy

On an Client PC (that has the admin tools installed) set up the registry key as required (HKLM, HKU or HKCR only)
Start > Run > dsa.msc
Launch the policy editor (right click Domain/OU> Properties> Group policy)
Navigate to, Computer configuration > Windows Settings > Security Settings > Registry

Right click in the right hand pane > add Key
Navigate to the key you set up earlier.


How to add, modify, or delete registry subkeys and values by using a registration entries (.reg) file
http://support.microsoft.com/default.aspx?kbid=310516


Regards,

PeteLong
0
 

Author Comment

by:shahidaeng
ID: 18869078
Without editing the registry can I do it?
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 18869127
Not that Im aware of - unless you have an ISA server
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:shahidaeng
ID: 18869130
Could you plz explain little more?
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 18869135
oh hang on yes you can...................
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 18869145
................... Heres how todo it without touching the registry

On the Server Open Internet Explorer > Tools Internet Options > Security > Click “Custom Level” Button.
Drill down to Downloads > File Downloads > Tick Disable. OK > Apply > OK

Now create or edit an existing group policy and Navigate to
User Configuration > Windows Settings > Internet Explorer Maintenance > Security > Security Zones and Content Rating > On the security zones and privacy section, >  "Import the current security zones and privacy settings".

job done
0
 

Author Comment

by:shahidaeng
ID: 18869386
In our domain we have one OU with all clients. For that OU there is already one Group policy. I edited that like......... User confgrn->Admin templates->Windows components->IE->Internet Control panel-> Security page->                    For Internet zone and Trusted sites zone I disabled file downloading and applied it.   But it is not working.  What is the difference between Internet zone and Locked Internet zone?
And if one property is enabled in Domain level policy and the same disabled in OU level policy, which will take effect.
0
 

Author Comment

by:shahidaeng
ID: 18869419
I had tried the solution you said also, but that is also not working. Still I can download files.
0
 

Author Comment

by:shahidaeng
ID: 18873087
How can I block the downloading of files from Internet by clients using MS Windows 2003 server AD and Group policy? I am using Server 2003 Enterprise Edition. plz answer me. i hav already tried a couple of ways, bt stil none of them didnt work. plz help me. many tnx.
0
 

Author Comment

by:shahidaeng
ID: 18880507
You instructed me to edit HKLM, HKU, and HKCR. So do I want to add all these three values to Group policy- security settings registry?
0
 

Author Comment

by:shahidaeng
ID: 18880841
Now when I click Download it will prompt for Save, Open, Cancel.
If I will give Save it will show message that security settings are not allowing this.
But if I wll click on open, it will first download to Temp and I can open the file. This is also equal to downloading, right? So how can I block that also?
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to customise Office 2016 font settings with a GPO 3 95
Event ID: 5719 / Source: NETLOGON 9 133
Trasfering FSMO roles 8 104
Unexpected Windows system folders on D drive 16 86
Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question