djpatrick
asked on
Lockdown Windows OS for children
Hello
I am new for Windows 2003 Active Directory GPO - I understand its concepts for business use but would like to know if anyone has created a GPO for home use? I am particularly interested in protecting laptops in the home for use by children and making them safe for internet/general browsing. I use opendns for controlling the parental use policy but I need an understanding of the types of settings i should shut off so that no unwanted access is granted to the home network.
Thanks
I am new for Windows 2003 Active Directory GPO - I understand its concepts for business use but would like to know if anyone has created a GPO for home use? I am particularly interested in protecting laptops in the home for use by children and making them safe for internet/general browsing. I use opendns for controlling the parental use policy but I need an understanding of the types of settings i should shut off so that no unwanted access is granted to the home network.
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I had NetNanny for my kids pc, but it didn't seem to be a product that was going anywhere, so I moved to Cyber Patrol.
But, for Steady State, here's a good How-To:
http://lifehacker.com/397786/kid+proof-your-pc-with-steadystate
and
a toddler alternative:
http://lifehacker.com/395647/baby-smash-kid+proofs-your-computer
- also see the comments for other versions
But, for Steady State, here's a good How-To:
http://lifehacker.com/397786/kid+proof-your-pc-with-steadystate
and
a toddler alternative:
http://lifehacker.com/395647/baby-smash-kid+proofs-your-computer
- also see the comments for other versions
You may also want to check with your ISP, most of them have free tools and education they provide to their customers. http://www.cox.com/TakeCharge/includes/docs/take_charge.pdf
You can use the local security settings to restrict log on and times as well as restrict sites. The only problem is how to restrict and what to restrict. Using a 3rd party tool will let you restrict what you want as well as let you monitor exactly what is said and when. What they log into (facebook, myspace), what was said and what passwords are used.
You can use the local security settings to restrict log on and times as well as restrict sites. The only problem is how to restrict and what to restrict. Using a 3rd party tool will let you restrict what you want as well as let you monitor exactly what is said and when. What they log into (facebook, myspace), what was said and what passwords are used.
Buy a Terminal/Thin Client.
Create a mandatory user profile - this will not save any changes made to the system.
GPO can disable certain things - properties on taksbar of desktop for example can be disabled.
Create a mandatory user profile - this will not save any changes made to the system.
GPO can disable certain things - properties on taksbar of desktop for example can be disabled.
jruocco_1 I think that's going a little to far price wise. This is a father looking for simple way to protect his kids.
djpatrick check the link I sent you. it will give you some ideas on what you can do.
djpatrick check the link I sent you. it will give you some ideas on what you can do.
ASKER
Thanks to everyone for your replies
I like the idea of Windows Steady State and I had a quick look at it on my vm. In response to this - can SteadyState settings be controlled through GPO, e.g. are there extensions which you can import to enable policy enforcement?
I also like the concepts behind McAfee antivirus but need to be able to control those settings centrally - is there a version which supports settings via a server? Without paying through the nose - I know there are business class policy servers but this is for a small home network
I realise these things may be overkill for a small network but I'm amazed at how quickly my family is picking up the use of a PC/internet browsing. It's a sign of the times that the traditional reading, writing and arithmetic is being replaced by Reading, Arithmetic & IT in the school curriculum for children aged 4-5 and over!
Thanks again
I like the idea of Windows Steady State and I had a quick look at it on my vm. In response to this - can SteadyState settings be controlled through GPO, e.g. are there extensions which you can import to enable policy enforcement?
I also like the concepts behind McAfee antivirus but need to be able to control those settings centrally - is there a version which supports settings via a server? Without paying through the nose - I know there are business class policy servers but this is for a small home network
I realise these things may be overkill for a small network but I'm amazed at how quickly my family is picking up the use of a PC/internet browsing. It's a sign of the times that the traditional reading, writing and arithmetic is being replaced by Reading, Arithmetic & IT in the school curriculum for children aged 4-5 and over!
Thanks again
For controlling browsing you can ban certain IP address and websites from being accessed using your router.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you want to lock down all but a few specific sites
http://www.boutell.com/newfaq/browser/restrictie.html
http://ask.metafilter.com/20098/Block-All-But-A-Handful-Of-Websites
Concerning using GPO
http://geekinparadise.com/2008/01/12/block-internet-access-for-specific-user-using-group-policy/