?
Solved

Restricting Terminal Server Users

Posted on 2009-05-20
12
Medium Priority
?
227 Views
Last Modified: 2012-05-07
I have a TS where i want to restrict the internet for just the users. How ever i need them to be able to access this site still

this site  http://sql/enet1/netdfm


How do i do this?  Would Group Policy be the easiest. Server is Windows Server 2003 and its not a DC either.

Thanks in advance
0
Comment
Question by:Jiggens
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
12 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24433691
you could force the users to use a false Proxy 127.0.0.1 and then add  http://sql/enet1/netdfm
 as an exception.
0
 
LVL 1

Expert Comment

by:preshomes
ID: 24433740
I don't believe that this is possible using group policy.  You can deny all Internet access via group policy by providing a fake proxy but then you will not be able to reach the site listed above. You need to purchase a 3rd Party software app that allows you to block all web access and then add the address for the site above in a whitelist to allow access to it.

Example : http://www.spectorsoft.com/ 
Spector Pro  (this app may be a bit overboard but you get the idea)
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 2000 total points
ID: 24433766
"You can deny all Internet access via group policy by providing a fake proxy but then you will not be able to reach the site listed above. "
This is wrong!!

proxy.jpg
0
Fill in the form and get your FREE NFR key NOW!

Veeam® is happy to provide a FREE NFR server license to certified engineers, trainers, and bloggers.  It allows for the non‑production use of Veeam Agent for Microsoft Windows. This license is valid for five workstations and two servers.

 
LVL 1

Author Comment

by:Jiggens
ID: 24433819
so i can put the exception in and it will work correctly ?
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24433830
Also how do i set that up for just 1 server as i only have 1 terminal server?
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24434549
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24434562
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24435813
Now if i do that would it restrict all users in the domain or will it just restrict the to the Terminal Server.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24435849
if you apply the gpo to the same container that terminal server is in, than it will apply to only computers that are in this container.
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24442191
Yeah it doesn't seem to be working,  I think my group policy isn't being applied.  I cant seem to get it to work correctly.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24442470
Have you done a gpresult to verify?
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24442817
he following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        TS Users
            Filtering:  Denied (Security)

        Internet Restriction
            Filtering:  Not Applied (Empty)

        Local Group Policy
            Filtering:  Not Applied (Empty)
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Group policies can be applied selectively to specific devices with the help of groups. Utilising this, it is possible to phase-in group policies, over a period of time, by randomly adding non-members user or computers at a set interval, to a group f…
How to deal with a specific error when using the Enable-RemoteMailbox cmdlet to create a mailbox in the cloud-based service, for an existing user in an on-premises Active Directory.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Suggested Courses

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question