R
ridergroov
Hi there everyone. Trying to figure out how I can block specific users
on an XP Pro machine from using the internet. Thanks!
on an XP Pro machine from using the internet. Thanks!
What do you want to prevent, browsing? E-mail?ridergroov said:Hi there everyone. Trying to figure out how I can block specific users
on an XP Pro machine from using the internet. Thanks!
Pat said:What do you want to prevent, browsing? E-mail?
You can prevent them from accessing specific client software such as
browsers as follows:
- create a local group (assuming this is not a domain workstation)
called NoAccess
- on the properties/security tab for an executable (Firefox.exe etc.),
add a Deny Access permission to anyone that is in NoAccess group
- right click My Computer-Manager-Users and Groups-<account>-Properties,
and make the user(s) a member of NoAccess
This will prevent them from running the specified application(s). They
have to logoff/logon for this to take effect.
--
-Pat
Trend Micro's PC-Cillin has a feature where you may TEMPORARILY PREVENT AN INTERNET CONNECTION. It's hard to find so you have to do some searching.
ridergroov said:Hi there everyone. Trying to figure out how I can block specific users
on an XP Pro machine from using the internet. Thanks!
ridergroov said:How many times has lay down the law worked? Haha. Thanks everyone.
Even if I do block the executable files with permissions, the run box
is still in the start menu which will bypass that. Other ideas?
ridergroov said:Hey Pat,
Thanks for the continued response. What i'm trying to do is prevent
front desk people from surfing the net while they are on terminal
sessions to our win2k3 terminal server All was find until someone
realized that if you use the Explorer, as in file explorer, then change
the address bar to a web address, you can totally bypass the fact that
I have the iexplore.exe permissions blocked. See what I mean. Let me
know if you know a way around this. Thanks!
Pat said:Now that's an interesting phenomenon! I wonder if my daughter knows
about this :-(
This method does not seem to require the iexplore.exe executable.
Is the server they connect to a domain controller and what does it have
configured as its DNS server. The DNS server might be one way to
prevent them from getting out. Does ANYBODY on that segment need to get
out?
Gordon said:there were certainly methods of denying internet access in W2K - in
companies I've worked in each user had to be authorised to access external
http addresses. every user could access the company home page, but any
external web site was denied unless the user had been given specific
permissions to access externally.Not sure how that works though......
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.