- SBS
- Windows Server 2003
- Windows Networking
- Dell
Group Policy to remove access to network connections
Hi,
I've setup a group policy to prohibit access to the properties of a LAN connection and I can't seem to get it to work. I also set the same policy to remove Internet Options and Network Connections from the Control panel. Internet options has disappeared, but network connections hasn't (I used ncpa.cpl for network connections).
I've run a policy results wizard and it does appear to be working, but it's not..
Network/Network Connections
Policy Setting Winning GPO
Prohibit access to properties of a LAN connection Enabled Network & Control Panel
Prohibit access to properties of components of a LAN connection Enabled Network & Control Panel
Prohibit access to the Advanced Settings item on the Advanced menu Enabled Network & Control Panel
Prohibit adding and removing components for a LAN or remote access connection Enabled Network & Control Panel
Prohibit Enabling/Disabling components of a LAN connection Enabled Network & Control Panel
Prohibit TCP/IP advanced configuration Enabled Network & Control Panel
The user is only a member of domain users and there aren't any local policies affecting the machine. There are no GP errors in the event logs either.
Can someone point out what could be stopping this from working fully?
Thanks
Paul
I've setup a group policy to prohibit access to the properties of a LAN connection and I can't seem to get it to work. I also set the same policy to remove Internet Options and Network Connections from the Control panel. Internet options has disappeared, but network connections hasn't (I used ncpa.cpl for network connections).
I've run a policy results wizard and it does appear to be working, but it's not..
Network/Network Connections
Policy Setting Winning GPO
Prohibit access to properties of a LAN connection Enabled Network & Control Panel
Prohibit access to properties of components of a LAN connection Enabled Network & Control Panel
Prohibit access to the Advanced Settings item on the Advanced menu Enabled Network & Control Panel
Prohibit adding and removing components for a LAN or remote access connection Enabled Network & Control Panel
Prohibit Enabling/Disabling components of a LAN connection Enabled Network & Control Panel
Prohibit TCP/IP advanced configuration Enabled Network & Control Panel
The user is only a member of domain users and there aren't any local policies affecting the machine. There are no GP errors in the event logs either.
Can someone point out what could be stopping this from working fully?
Thanks
Paul
Might be as simple as time, how long has it been since creating the policy? what OS is the clinet running? have you tried running gpupdate/force on the client?
I thought that but I created it yesterday and left it over night and part of the policy does appear to work partially(Internet options being removed from the control panel). The client OS is XP and I have tried gpupdate /force many a time, reboots, log offs, tried creating a seperate policy and nothing so far has stopped access to network connections :(
But did you try GPRESULT?... the policy is getting on that PC?... maybe is filtered out somehow or the targeted PC is not in the right OU?...
I didn't, forgot about that one ;) Still, here are the results on the client pc:
Applied Group Policy Objects
--------------------------
Default Domain Policy
Webroot DWP Install
<b>Network & Control Panel<b>
My Docs Re-direction
Active Desktop
Screen Saver Lockout
Flash Install
WSUS
The following GPOs were not applied because they were filtered out
--------------------------
Small Business Server Remote Assistance Policy
Filtering: Disabled (GPO)
Small Business Server Internet Connection Firewall
Filtering: Disabled (GPO)
Windows Firewall Off
Filtering: Not Applied (Empty)
Local Group Policy
Filtering: Not Applied (Empty)
The user is a part of the following security groups:
--------------------------
Applied Group Policy Objects
--------------------------
Default Domain Policy
Webroot DWP Install
<b>Network & Control Panel<b>
My Docs Re-direction
Active Desktop
Screen Saver Lockout
Flash Install
WSUS
The following GPOs were not applied because they were filtered out
--------------------------
Small Business Server Remote Assistance Policy
Filtering: Disabled (GPO)
Small Business Server Internet Connection Firewall
Filtering: Disabled (GPO)
Windows Firewall Off
Filtering: Not Applied (Empty)
Local Group Policy
Filtering: Not Applied (Empty)
The user is a part of the following security groups:
--------------------------
-
![]()
received a Solution
SBS 2003 Network Access Very Slow -
![]()
wrote an Article
![]()
Routing and Remote Access - Adding new interfaces
-
![]()
created a Video
![]()
What is WMI and how it can be used to get hardware and software information from remote computers?
-
Explore Cloud Class® ![]()
Certification: MCP MCSA Microsoft Certified Partner & Solutions Associate - Configuring Windows Devices
Premium Content
You need an Expert Office subscription to comment.Start Free Trial