• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 361
  • Last Modified:

Block Internet for a Group of users in a OU

Hi Experts,

Can you please let me how to block a bunch of users who are in a OU in AD. I need to block internet access to the outside world but allow internal webmail access to them.

Is there a way I can do this in the Server with out using a Hardware.

Thanks
0
gs1uk
Asked:
gs1uk
1 Solution
 
JamesSenior Cloud Infrastructure EngineerCommented:
Why not exclude the gateway address on their systems from your Router/Firewall. Or you could create a GPO and link it to the OU and configure the GPO to set a proxy address which would block internet access.
0
 
Paul MacDonaldDirector, Information SystemsCommented:
There's nothing native in AD to do this, though I can imagine a script that removes the default gateway for a group of people.  Otherwise you're likely looking at configuring something in a firewall.
0
 
JamesSenior Cloud Infrastructure EngineerCommented:
On your Router/Firewall you could block port 80 on the machines you do not want to have internet access, unless their are other users you access the PCs that need internet access.
0
 
chuck-williamsCommented:
Just as JBond mentioned, I have done this by setting up a proxy server setting in group policy that points 1.1.1.1 and then using group policy filtering to apply to a restrict internet access group. Make sure you also set it up so they cannot change proxy server settings.

You can also set "Do not use proxy server for these addresses" if you need to allow them to get to a few web applications.



0
 
danny1875Commented:
I think the easiest way to do that would be to reserve a range of IP addresses for the clients and then exclude that range from internet access via your firewall.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now