We help IT Professionals succeed at work.

How to limit domain users web access without group policy

darran_d asked
Medium Priority
Last Modified: 2013-12-08
Hi All

I need to limit a user accounts access to only be allowed get to to the Intranet page on one of our PC's here.
We can't do this through group policy at the moment because of internal wrangling, we are a satellit office and are on the bottom of the list.

Basically its a domain user account which will only be logging onto one PC and which will only need access to the intranet.

I tried things like Windows Steadystate but this doesnt work on a domain account, I could put in a weird non existent proxy and just disable it to local access but then they are able to go into the internet settings and disable it...

Basically I need to lockit down as much as possible on this one machine but need to do it locally...

All help apreciated..
Watch Question

Ive done this successfully by mucking with the ROUTE command.

Create a .CMD file to :

1. Modify the default gateway to point to some useless place like the loopback address..

2. Create a second route for internal routing to go to the correct default gateway.


This should correctly route to any address beginning with 10.x.x.x. but fail to get outside the local broadcast domain for any other address.

You can then launch the CMD from the login script, registry autorun, scheduled task, or your favorite injection point.

Good luck.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts


Thanks for the reply...

I have tried this but unfortunatley it wouldnt suit my purposes, Instead I had to go through Group Policy...
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.