Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Restricting Terminal Server Users

Posted on 2009-05-20
12
Medium Priority
?
229 Views
Last Modified: 2012-05-07
I have a TS where i want to restrict the internet for just the users. How ever i need them to be able to access this site still

this site  http://sql/enet1/netdfm


How do i do this?  Would Group Policy be the easiest. Server is Windows Server 2003 and its not a DC either.

Thanks in advance
0
Comment
Question by:Jiggens
  • 6
  • 5
12 Comments
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24433691
you could force the users to use a false Proxy 127.0.0.1 and then add  http://sql/enet1/netdfm
 as an exception.
0
 
LVL 1

Expert Comment

by:preshomes
ID: 24433740
I don't believe that this is possible using group policy.  You can deny all Internet access via group policy by providing a fake proxy but then you will not be able to reach the site listed above. You need to purchase a 3rd Party software app that allows you to block all web access and then add the address for the site above in a whitelist to allow access to it.

Example : http://www.spectorsoft.com/ 
Spector Pro  (this app may be a bit overboard but you get the idea)
0
 
LVL 47

Accepted Solution

by:
Donald Stewart earned 2000 total points
ID: 24433766
"You can deny all Internet access via group policy by providing a fake proxy but then you will not be able to reach the site listed above. "
This is wrong!!

proxy.jpg
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
LVL 1

Author Comment

by:Jiggens
ID: 24433819
so i can put the exception in and it will work correctly ?
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24433830
Also how do i set that up for just 1 server as i only have 1 terminal server?
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24434549
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24434562
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24435813
Now if i do that would it restrict all users in the domain or will it just restrict the to the Terminal Server.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24435849
if you apply the gpo to the same container that terminal server is in, than it will apply to only computers that are in this container.
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24442191
Yeah it doesn't seem to be working,  I think my group policy isn't being applied.  I cant seem to get it to work correctly.
0
 
LVL 47

Expert Comment

by:Donald Stewart
ID: 24442470
Have you done a gpresult to verify?
0
 
LVL 1

Author Comment

by:Jiggens
ID: 24442817
he following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        TS Users
            Filtering:  Denied (Security)

        Internet Restriction
            Filtering:  Not Applied (Empty)

        Local Group Policy
            Filtering:  Not Applied (Empty)
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wouldn't it be nice if objects in Active Directory automatically moved into the correct Organizational Units? This is what AutoAD aims to do and as a plus, it automatically creates Sites, Subnets, and Organizational Units.
Transferring FSMO roles is done when an admin wants to split roles between certain Domain Controllers or the Domain Controller holding the Roles has been forcefully demoted using dcpromo / forceremoval
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question