Solved

Restricting Terminal Server Users

Posted on 2009-05-20
12
222 Views
Last Modified: 2012-05-07
I have a TS where i want to restrict the internet for just the users. How ever i need them to be able to access this site still

this site  http://sql/enet1/netdfm


How do i do this?  Would Group Policy be the easiest. Server is Windows Server 2003 and its not a DC either.

Thanks in advance
0
Comment
Question by:Jiggens
  • 6
  • 5
12 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24433691
you could force the users to use a false Proxy 127.0.0.1 and then add  http://sql/enet1/netdfm
 as an exception.
0
 
LVL 1

Expert Comment

by:preshomes
ID: 24433740
I don't believe that this is possible using group policy.  You can deny all Internet access via group policy by providing a fake proxy but then you will not be able to reach the site listed above. You need to purchase a 3rd Party software app that allows you to block all web access and then add the address for the site above in a whitelist to allow access to it.

Example : http://www.spectorsoft.com/ 
Spector Pro  (this app may be a bit overboard but you get the idea)
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 500 total points
ID: 24433766
"You can deny all Internet access via group policy by providing a fake proxy but then you will not be able to reach the site listed above. "
This is wrong!!

proxy.jpg
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 1

Author Comment

by:Jiggens
ID: 24433819
so i can put the exception in and it will work correctly ?
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24433830
Also how do i set that up for just 1 server as i only have 1 terminal server?
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24434549
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24434562
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24435813
Now if i do that would it restrict all users in the domain or will it just restrict the to the Terminal Server.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24435849
if you apply the gpo to the same container that terminal server is in, than it will apply to only computers that are in this container.
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24442191
Yeah it doesn't seem to be working,  I think my group policy isn't being applied.  I cant seem to get it to work correctly.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24442470
Have you done a gpresult to verify?
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24442817
he following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        TS Users
            Filtering:  Denied (Security)

        Internet Restriction
            Filtering:  Not Applied (Empty)

        Local Group Policy
            Filtering:  Not Applied (Empty)
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question