The most common way I see people doing this is to use GPO to set a proxy
server address that points to a non-existent proxy server, and then prevent
the user from changing that. Seems to work well.
Thanks Christoffer. This method is good if you know the URLs of all of the
internal sites that are accessible, but what if its an indefinite list or
what if you want to say "all internal sites". Are there any wildcard
capabilities here?
Thanks Chris and Darren.
The problem is I don't want to use IEAK.
I used the group policy object to now point it to our ISA
Proxy Server. However, How can I protect the group policy
object from modification by users access to AD from w2k.
I used Delegation option, but the changes did not take
effect. Is this because I am still in mixed mode.
Thanks.
When you said you used the delegation option, are you talking about through
GPMC? What changes to delegation did you make exactly? That will help know
how to make sure things are working as expected.
OK. So if you're trying to prevent someone from changing a GPO, you won't be
able to do it through the delegation of Control Wizard. That is only
designed to delegate access to AD objects and its incomplete for delegating
a GPO. I would recommend using either the ACL Editor on the GPO itself, or
better yet, use the GPMC, which has a nice, neat Delegation tab built in
that encapsulates the various permissions in easy to understand ways.
Well you can use zones and lock them down to identify all internal websites
for example. I don't believe content advisor can do a such thing, but I will
check it out=)
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.
