• State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 15 subscribers
  • Views 7058 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How can I block all Web Browser access to the Internet for a specific user or AD User Group?

djudice
over 8 years ago

 I need to be able to prevent a user or group of users from accessing the internet, but allow them to use their browsers to access local intranet sites.  Any suggestions?


Thanks!

David

Parents
  • 0 over 8 years ago
    David,
    I don't think there is a built-in ability in Desktop Authority for that, but there might be a hack that could work.

    According to this article: searchenterprisedesktop.techtarget.com/.../Block-Internet-Explorer-Web-surfing-via-Group-Policy it can be hacked by using Group Policy to force the IE browser to use a non-existent proxy server, which means any external connections will fail (internal ones don't need a proxy)

    Desktop Authority has a "Manual proxy configuration" option in the Web Browser configuration so it might work to add in the erroneous proxy setting there. If that fails, there is also a GPO manipulation option with the "Group Policy Templates" section but I have never tried it.

    Keep in mind this type of thing should be done via a firewall. Using DA for this is not very inclusive. What if they bring in their own computer, install a different browser, log in as a different user or with an account that doesn't run SLOGIC?

    Our firewall is AD enabled and I have rules defined for various AD groups, such as students can't get to Facebook and YouTube. It makes life easy and when they bring in a personal phone or laptop or iPad and connect to the WiFi they have to use their own account (via RADIUS authentication) so they get the same permissions
Reply
  • 0 over 8 years ago
    David,
    I don't think there is a built-in ability in Desktop Authority for that, but there might be a hack that could work.

    According to this article: searchenterprisedesktop.techtarget.com/.../Block-Internet-Explorer-Web-surfing-via-Group-Policy it can be hacked by using Group Policy to force the IE browser to use a non-existent proxy server, which means any external connections will fail (internal ones don't need a proxy)

    Desktop Authority has a "Manual proxy configuration" option in the Web Browser configuration so it might work to add in the erroneous proxy setting there. If that fails, there is also a GPO manipulation option with the "Group Policy Templates" section but I have never tried it.

    Keep in mind this type of thing should be done via a firewall. Using DA for this is not very inclusive. What if they bring in their own computer, install a different browser, log in as a different user or with an account that doesn't run SLOGIC?

    Our firewall is AD enabled and I have rules defined for various AD groups, such as students can't get to Facebook and YouTube. It makes life easy and when they bring in a personal phone or laptop or iPad and connect to the WiFi they have to use their own account (via RADIUS authentication) so they get the same permissions
Children
No Data