Management has asked us to find a way to block certain users from accessing the Internet. We are running NT 4.0 Is it possible to give/deny users internet access on an NT network by using a Global/Local Group as the permission? In other words, can I setup an “InternetAccess” group on NT where only the users included in that group will be allowed internet access? I have been told this is possible but do you need to be using a proxy server to accomplish it? Our company doesn’t have a proxy server and a local ISP houses our DNS server.
We have tried taking the DNS settings out of the users’ network properties but they usually figure out how to put them back in. I know we can use a policy editor to restrict access to the network properties screen, but that’s not good solution at this time.
Any help or suggestions are appreciated.