How do i deny internet access for 1 person in a domain

G

Guest

I'm running a Win2000 Server SP4 domain. I want to take away internet access
for 1 user but let the person have intranet access. What is the best way to
do that on a Win XP workstation.
 
P

Phillip Windell

You can't without a proxy server that authenticates based on domain user
accounts. ISA Server is an example of that.

NAT based Internet Devices typically can restrict by the IP of the machine
they are sitting at, but that isn't worth much if you use DHCP where the
machine may not always be the same address.
 
S

Steven L Umbach

You can set an ipsec filtering policy on the "computer" to manage what
outbound ports that users on a computer can access, block access at the
firewall with the computers IP address [static would be best], or configure
the computer to not have a default gateway to prevent any access outside of
the network for that computer. A user based solution [other that ISA as
Phillip mentioned] could be a personal firewall such as Portslock that can
have different configuration based on logged on user or using Group Policy
to configure a "bogus" proxy server for that user being sure he could not
access IE settings to reconfigure which would prevent internet access only
through Internet Explorer.. --- Steve
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Internet and intranet domain name - problem with dns! 5
Internet and/or Intranet access for selected PCs 4
Access Denied 4
Internet access via DSL dies until reboot 9
New W2k PDC old NT 4.0 loggin in says no domain 1
Difference between domain and workstation logon? 1
Free website to host a domain? 11
disallowing access to network files 1

Top