I have domain in which I need to enable certain restrictions on the workstations.
It would be nice to be able to set the default IE browser page, some of the trusted security settings, and furthermore the ability to access certain sites only.
Currently, I have to set the trusted sites permissions with each profile that logs in (very time consuming) and also we use the content advisor to block out site that are unwarranted, however it only works partially well. I am noticing that some users are gettings smarter by disabling the password in the regeditor.
Is there a way I can apply a group policy to lock out the regeditor and or installation of software on certain workstations, yet have an administrator account be able to access it?
What are your recommendations on blocking certain websites and web content filtering?
I unfortunately cannot apply a DNS filter, because we provide would have to do it at the server level that manages the DNS, and our corporate office should have the ability to go to any site...but other workstations cannot. The DNS filter I looked at would only provide a all or nothing solution. Any ideas and also how to apply the group policy to remove regedit, and the other settings mentioned?