1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Logon scripts - internet access

Discussion in 'Windows XP' started by 10forcash, Apr 12, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. 10forcash

    10forcash Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    343
    Ok chaps,
    I need to block internet access on a per- user basis, easy enough, use a logon / logoff script....probably by redirecting that users gateway to an invalid gateway, like 127.0.0.1 - sounds good, problem is, what command do I use to do this???
    Been searching technet, COTSE etc. for days... I know it can be done, a sadly departed sysadmin had two closely - guarded 'internet on' and 'internet off' scripts he used to run on miscreant users profiles in the old days when I was just a power user.
    A weekend in Baghdad to the winner, 2 weeks for the runner up.....
    Cheers,
    10forcash
     
  2. rude

    rude

    Joined:
    Mar 8, 2004
    Messages:
    2,326
  3. 10forcash

    10forcash Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    343
    Rude,
    close...but no cigar !!
    I need to create the logon/off script, the link relates to hiding it from the users, which isn't a problem as I already use scripts and theyre used to seeing them.
    looks like the 2 week bed & breakfast in saddam's hidey-hole for you..
    cheers,
    10forcash
    ps. only joking, 3 course a-la-carte is available -honest
     
  4. rude

    rude

    Joined:
    Mar 8, 2004
    Messages:
    2,326
    This is not scripts but a full blown program that will do what you want and more:
    http://www.browsecontrol.com/

    I think this entitles me to at least 1 week b&b but you supply the flack jackets
     
  5. 10forcash

    10forcash Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    343
    Rude,
    Seeing as nobody else is playing, looks like you're the winner, had a good play with the software and it seems you were right, does what it says on the tin.
    Thanks a lot mate, here's your soooper doooper holiday destination
    <attached>
    Tickets are in the post......
    Cheers,
    10forcash
     

    Attached Files:

  6. rude

    rude

    Joined:
    Mar 8, 2004
    Messages:
    2,326
    Right on!!!I'm packed and waiting!!!
     
  7. 10forcash

    10forcash Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    343
    :p hahahahahahahaha :eek:
    Day on the ranges first for you me lad...
    watch out for these on the way in though :eek: :eek:
    Cheers,
    10forcash
    ps. thanks fot the help, it's appreciated (probably not by the users though) ;)
     

    Attached Files:

  8. 10forcash

    10forcash Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    343
    Rude, (and anyone else that's interested)
    finally got round to researching and writing the scripts, these allow me to deny internet access on a per-user basis, which is better than per IP (although browsecontrol is a handy little tool)
    Basically, I created two VBS scripts, intoff.vbs and inton.vbs, these are stored on the PDC, and two batch files (you guessed it - intoff.bat and inton.bat) are referenced in the logon script part of the user AD profile, the GPO restricts access to the proxy settings to prevent users modifying the settings. If you could be bothered to read this far, here's the scripts

    intoff.vbs

    On Error Resume Next


    const HKEY_CURRENT_USER = &H80000001
    strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings"
    strValueName = "ProxyServer"
    strComputer = "."
    strValue = "http=127.0.0.1:8080 https=127.0.0.1:8080"

    Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
    strComputer & "\root\default:StdRegProv")
    oReg.CreateKey HKEY_CURRENT_USER,strKeyPath
    oReg.SetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,strValue

    inton.vbs

    On Error Resume Next


    const HKEY_CURRENT_USER = &H80000001
    strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings"
    strValueName = "ProxyServer"
    strComputer = "."
    strValue = "http=192.168.0.1:83 https=192.168.0.1"

    Set oReg=GetObject("winmgmts:{impersonationLevel=impersonate}!\\" &_
    strComputer & "\root\default:StdRegProv")
    oReg.CreateKey HKEY_CURRENT_USER,strKeyPath
    oReg.SetStringValue HKEY_CURRENT_USER,strKeyPath,strValueName,strValue

    intoff.bat

    \\sitepdc\sysvol\domain.com\scripts\intoff.vbs /s

    inton.bat

    \\sitepdc\sysvol\domain.com\scripts\inton.vbs /s

    the /s switch causes the script to run silently


    The users denied access run the intoff.bat, the users allowed access run the inton.bat when they logon to their profile

    now (some) users are realley pi$$ed off!

    Cheers,
    10forcash
     
  9. Lexsar

    Lexsar

    Joined:
    Aug 14, 1999
    Messages:
    185
    10forCash; I am interested in utilizing something like this too. How do I implement this exactly. Are these scripts for when a user is logging onto a network or can the same be used for logging into a machine (say running XP Pro)?
     
  10. 10forcash

    10forcash Thread Starter

    Joined:
    Aug 7, 2003
    Messages:
    343
    Lexar, if you want to apply it 'per user', you need to be on a domain, place the script in the sysvol share and use AD to apply the script. this will apply it to any machine the user logs on to.
    If this doesn't make sense, PM me and i'll create a word doc with screenshots - don't hold your breath though, i'm busy !
    Cheers,
    10forcash
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/219654

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice