have 40 to 50 systems running 2K prof. I'd like to lock them out from being able to surf the net. I figure it can be done several different ways. I'm new with this company, and am just now learning their enviroment.
There are 3 different locations. Each site, has it's own 2K small biz server running.
They have no group policies in effect as well.
Where would you begin, or what would be the easiest solution, all the while providing some scaleability?
A few easy ways would be to misconfigure the Gateway TCP/IP settings. Also you could add a bogus proxy server for IE. Not foolproof but stops most average users, especially if they are not local admins.
The remote sites each have a 2K small biz server on site. They all access the internet through VPN connection with the host site [local] via a DSL connection. All desktops are running Win 2K prof as a client.
I thought about creating groups, and using group policies to grant or deny. It's not so much as to what they access, but who has access rights to the internet.
I thought about the bogus proxy server setting but that would require visiting each machine, which is can be done, but I'd like to admin access to the internet locally to the remotes.
Definitely set up security groups, this will help with many things in the future.
As for internet access...
It might be easiest to simply create a group policy that disallows users (by way of a security group) from running iexplore.exe. This way, you can grant certain users access while disallowing other users access.
Kinda of thought that. I was just reading this a.m. about group policies, and the such. They don't have any groups of any kind, just users, and their associated home drives.
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!