Windows Server 2003
--
Questions
--
Followers
Top Experts
Group Policy to remove access to network connections
Hi,
I've setup a group policy to prohibit access to the properties of a LAN connection and I can't seem to get it to work. I also set the same policy to remove Internet Options and Network Connections from the Control panel. Internet options has disappeared, but network connections hasn't (I used ncpa.cpl for network connections).
I've run a policy results wizard and it does appear to be working, but it's not..
Network/Network Connections
Policy Setting                                              Winning GPO
Prohibit access to properties of a LAN connection Enabled          Network & Control Panel
Prohibit access to properties of components of a LAN connection Enabled Network &Â Control Panel
Prohibit access to the Advanced Settings item on the Advanced menu Enabled Network &Â Control Panel
Prohibit adding and removing components for a LAN or remote access connection Enabled Network &Â Control Panel
Prohibit Enabling/Disabling components of a LAN connection Enabled Network &Â Control Panel
Prohibit TCP/IP advanced configuration Enabled Network &Â Control Panel
The user is only a member of domain users and there aren't any local policies affecting the machine. There are no GP errors in the event logs either.
Can someone point out what could be stopping this from working fully?
Thanks
Paul
I've setup a group policy to prohibit access to the properties of a LAN connection and I can't seem to get it to work. I also set the same policy to remove Internet Options and Network Connections from the Control panel. Internet options has disappeared, but network connections hasn't (I used ncpa.cpl for network connections).
I've run a policy results wizard and it does appear to be working, but it's not..
Network/Network Connections
Policy Setting                                              Winning GPO
Prohibit access to properties of a LAN connection Enabled          Network & Control Panel
Prohibit access to properties of components of a LAN connection Enabled Network &Â Control Panel
Prohibit access to the Advanced Settings item on the Advanced menu Enabled Network &Â Control Panel
Prohibit adding and removing components for a LAN or remote access connection Enabled Network &Â Control Panel
Prohibit Enabling/Disabling components of a LAN connection Enabled Network &Â Control Panel
Prohibit TCP/IP advanced configuration Enabled Network &Â Control Panel
The user is only a member of domain users and there aren't any local policies affecting the machine. There are no GP errors in the event logs either.
Can someone point out what could be stopping this from working fully?
Thanks
Paul
Zero AI Policy
We believe in human intelligence. Our moderation policy strictly prohibits the use of LLM content in our Q&A threads.
Might be as simple as time, how long has it been since creating the policy? what OS is the clinet running? have you tried running gpupdate/force on the client?
I thought that but I created it yesterday and left it over night and part of the policy does appear to work partially(Internet options being removed from the control panel). The client OS is XP and I have tried gpupdate /force many a time, reboots, log offs, tried creating a seperate policy and nothing so far has stopped access to network connections :(
But did you try GPRESULT?... the policy is getting on that PC?... maybe is filtered out somehow or the targeted PC is not in the right OU?...
EARN REWARDS FOR ASKING, ANSWERING, AND MORE.
Earn free swag for participating on the platform.
I didn't, forgot about that one ;) Still, here are the results on the client pc:
Applied Group Policy Objects
--------------------------
  Default Domain Policy
  Webroot DWP Install
  <b>Network & Control Panel<b>
  My Docs Re-direction
  Active Desktop
  Screen Saver Lockout
  Flash Install
  WSUS
The following GPOs were not applied because they were filtered out
--------------------------
  Small Business Server Remote Assistance Policy
    Filtering:  Disabled (GPO)
  Small Business Server Internet Connection Firewall
    Filtering:  Disabled (GPO)
  Windows Firewall Off
    Filtering:  Not Applied (Empty)
  Local Group Policy
    Filtering:  Not Applied (Empty)
The user is a part of the following security groups:
--------------------------
Applied Group Policy Objects
--------------------------
  Default Domain Policy
  Webroot DWP Install
  <b>Network & Control Panel<b>
  My Docs Re-direction
  Active Desktop
  Screen Saver Lockout
  Flash Install
  WSUS
The following GPOs were not applied because they were filtered out
--------------------------
  Small Business Server Remote Assistance Policy
    Filtering:  Disabled (GPO)
  Small Business Server Internet Connection Firewall
    Filtering:  Disabled (GPO)
  Windows Firewall Off
    Filtering:  Not Applied (Empty)
  Local Group Policy
    Filtering:  Not Applied (Empty)
The user is a part of the following security groups:
--------------------------
ASKER CERTIFIED SOLUTION
membership
Log in or create a free account to see answer.
Signing up is free and takes 30 seconds. No credit card required.
Windows Server 2003
--
Questions
--
Followers
Top Experts
Windows Server 2003 was based on Windows XP and was released in four editions: Web, Standard, Enterprise and Datacenter. It also had derivative versions for clusters, storage and Microsoft’s Small Business Server. Important upgrades included integrating Internet Information Services (IIS), improvements to Active Directory (AD) and Group Policy (GP), and the migration to Automated System Recovery (ASR).