Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Restricting Terminal Server Users

Posted on 2009-05-20
12
223 Views
Last Modified: 2012-05-07
I have a TS where i want to restrict the internet for just the users. How ever i need them to be able to access this site still

this site  http://sql/enet1/netdfm


How do i do this?  Would Group Policy be the easiest. Server is Windows Server 2003 and its not a DC either.

Thanks in advance
0
Comment
Question by:Jiggens
  • 6
  • 5
12 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24433691
you could force the users to use a false Proxy 127.0.0.1 and then add  http://sql/enet1/netdfm
 as an exception.
0
 
LVL 1

Expert Comment

by:preshomes
ID: 24433740
I don't believe that this is possible using group policy.  You can deny all Internet access via group policy by providing a fake proxy but then you will not be able to reach the site listed above. You need to purchase a 3rd Party software app that allows you to block all web access and then add the address for the site above in a whitelist to allow access to it.

Example : http://www.spectorsoft.com/ 
Spector Pro  (this app may be a bit overboard but you get the idea)
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 500 total points
ID: 24433766
"You can deny all Internet access via group policy by providing a fake proxy but then you will not be able to reach the site listed above. "
This is wrong!!

proxy.jpg
0
Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

 
LVL 1

Author Comment

by:Jiggens
ID: 24433819
so i can put the exception in and it will work correctly ?
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24433830
Also how do i set that up for just 1 server as i only have 1 terminal server?
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24434549
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24434562
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24435813
Now if i do that would it restrict all users in the domain or will it just restrict the to the Terminal Server.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24435849
if you apply the gpo to the same container that terminal server is in, than it will apply to only computers that are in this container.
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24442191
Yeah it doesn't seem to be working,  I think my group policy isn't being applied.  I cant seem to get it to work correctly.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24442470
Have you done a gpresult to verify?
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24442817
he following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        TS Users
            Filtering:  Denied (Security)

        Internet Restriction
            Filtering:  Not Applied (Empty)

        Local Group Policy
            Filtering:  Not Applied (Empty)
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question