Restrict Internet with Active Directory?

07
2014-07
  • skan

    What's the best way (with Active Directory or Group Policy) to restrict Internet Access to computers or users, and avoid them to change that settings without an admin password?

    Cheers

    • Answers
  • BigHomie

    You could use group policy and force a fake proxy, localhost for example. something like this http://social.technet.microsoft.com/wiki/contents/articles/5156.how-to-force-proxy-settings-via-group-policy.aspx


    • Related Question

    windows xp - Software to completely restrict Internet Access?
  • bruno077

    I need to completely restrict Internet browsing in one computer with Windows XP installed.

    I have read many methods which imply editing the hosts file, using Internet Explorer filters, etc. The problem with these solutions is that they are not flawless unless you're running a limited account, which is not possible in my case.

    Is there any software that restricts this kind of activity under, say, a password?

    Thanks in advance.

    EDIT: I'm running an admin account because the machine runs a POS (Point of Sale) software which cannot be run under a limited account.


    • Related Answers
  • lajuette

    You should configure your router to restrict access for the machine.

    An user with an admin account can reverse every change you made and disable any protection you install. That's what admin accounts are for. So any measure you take to limit internet access on the machine itself is useless.

    The most fairly modern routers allow you to block internet access to certain machines. This feature may be called "parental control" (that's what this mechanism is usually used for) or something similar.

    If your router doesn't support this, you may have to reconfigure your network (routing the machine in question through another machine with two network interfaces) or find another solution. IMHO a software solution can always be bypassed.