General discussion
-
CreatorTopic
-
March 1, 2005 at 1:46 pm #2176858
Restrict Internet Access by User
Lockedby sferrero · about 17 years, 2 months ago
Im an IT admin at my organization and i was wondering how i would go about restricting internet access from a certain user on our domain.
I have one account that i do not want to be able to access the internet.
Topic is locked -
CreatorTopic
All Comments
-
AuthorReplies
-
-
March 1, 2005 at 2:51 pm #3334902
A number of ways.
by tbragsda · about 17 years, 2 months ago
In reply to Restrict Internet Access by User
.
You can run a proxy server, or what I would suggest is something like superscout. It will generate reports on usage, sites visited etc, and can block by site types etc.There are workstation options, but it makes more sence to do it from a server.
-
August 15, 2007 at 4:49 pm #2619302
Easy
by djp81s8 · about 14 years, 9 months ago
In reply to A number of ways.
Get his MAC address reserve an IP. Block the IP.
-
-
March 2, 2005 at 1:07 am #3330364
use the
by jaqui · about 17 years, 2 months ago
In reply to Restrict Internet Access by User
user account config to remove access to the external gateway for internet access.
( requires the server be configured to allow access on a user level for each device / service, rather than the most common of domain level controls )netware is good for the user level controls.
*x is good for user level controls.-
March 2, 2005 at 9:00 pm #3331644
-
-
March 2, 2005 at 12:13 pm #3330140
Proxy
by choppit · about 17 years, 2 months ago
In reply to Restrict Internet Access by User
If you’re talking about restricting particular users then you’ll need to ensure that user need to log in before accessing the web. As mentioned above,a proxy such as squid will allow you to do this. If you’re trying to block a particular host then things are a little simpler. If the user is not PC savvy I sometimes set the browser proxy to the loopback address. Other times I block outgoing ports for particular hosts at the firewall.
-
March 2, 2005 at 12:54 pm #3330108
What firewall do you use?
by jdclyde · about 17 years, 2 months ago
In reply to Restrict Internet Access by User
Firewalls can allow and deny what ever you want.
Just put in a deny from his pc’s IP to the destination. (unless you use DHCP, one of MANY reasons we do NOT use DHCP for our PC’s)
Could also go to that pc and add that domain to the denyed or put in the hosts file that domain name with the address for an internal website with a note that the page attempted to access is denied due to company policy and the attempt has been logged.
-
March 3, 2005 at 3:03 pm #3330553
ISA
by mcseman · about 17 years, 2 months ago
In reply to Restrict Internet Access by User
I recommend using another Microsoft product called Internet Security and Acceleration (ISA). ISA will allow several simultaneous configurations including:
1. restriction by user name
2. restriction by group
3. restriction to specific sites
4. Restriction by time
and any other combination of the above.
Here is an example of a configuration I currently use to explain the flexability:
I have a group of users that have 24/7 unlimited access (admins, directors, etc). I have set up time restrictions for other users to allow everyone unlimited access between the hours of 7-8am, 12-1pm, and 5-6pm. Every user has limited internet access to certain sites such as windowsupdate, antivirus update, corporate web site. ISA is not only the ‘proxy’ server but it is an integrated firewall that plays nice with Active Directory, OWA, and POP servers.
I hope this helps.Erik ‘mcseman’ Pryor
-
January 11, 2007 at 11:30 pm #2504781
Restricting by User on XP Pro
by webaccount · about 15 years, 4 months ago
In reply to ISA
Hey,
Is there any way to completely restrict internet access on xp with in the system or using downloads from microsoft.com.
Are their any relatively inexpensive applications which can do this.
Thanks,
Rob
-
March 18, 2008 at 11:19 am #2547294
global policy
by wsmith · about 14 years, 2 months ago
In reply to Restricting by User on XP Pro
you can do it for free with global policy and have IE refer to a proxy server that does not exist. I have a whole group of users that are not allowed Internet access and can move people in and out of group at will.
-
January 14, 2009 at 12:22 am #2986966
Global policy
by don · about 13 years, 4 months ago
In reply to global policy
can you give a more detailed description on how to go about this?
-
-
-
-
AuthorReplies