Active Directory group policy to only allow 2 websites
Hi All, bit stumped on this one. I am setting up lab machines in my uni that are only allowed to have access to 2 websites (external), the machines are locked down via group policy (no control panel, start menu, hidden drives etc), however im scratching my head on allowing only 2 webistes to work:wonder: . Machines are WinXP Pro SP2 with IE7, DC's are sever 2003 SP1
We do not use proxys in the Uni or any internet monitoring software hence why I need this to work via a group policy object, anyone know how to do this?:) Mike |
AFAIK you cannot do this via a group policy, can you not do it on the firewall via ACL's ?
|
Originally Posted by Sonic'
(Post 7810228)
AFAIK you cannot do this via a group policy, can you not do it on the firewall via ACL's ?
|
Originally Posted by mike1210
(Post 7810265)
technically yes.....but I would have to jump through the 7,000,000,000,000 barriers that the networks team would no doubt impose:cry:
Not sure of any other way of doing it, without some form of proxy/firewall |
Use IE Content Manager to specify sites and then GPedit to lock down Content Manager.
|
try using a host file with only the 2 websites ip addresses.
then if you do not use dns you should be able to achieve the desired result |
you can do it using IEAK and a custom pac file.
havent tried below, its been a while so my syntax may not be 100% Code:
function FindProxyForURL(url, host) { see Proxy Client Autoconfig File Format |
If you have dedicated AD server running the DNS, stop the DNS servers from having forwarders available. Then just create zones for the websites you want to permit. Only issue is that you can bypass if you know the IP address of the site.
Other option is to remove the default gateway if the machines will work in the same subnet. Just apply persistent routes for the sites allowed. |
many thanks all:)
|
All times are GMT +1. The time now is 11:27 AM. |
© 2024 MH Sub I, LLC dba Internet Brands