Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Limit Internet Access 1
- Thread starter MEL33
- Start date
Use the ability to create a logon script, and the ability to use regedit to import registry settings to accomplish this.
1. Create the registry scripts needed:
. Internet_on.reg
Open your registry and find the key below.
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
Export this key as Internet_on.reg
. Internet_off.reg
Change the value of "ProxyEnable" and set it to "1". Change the value of "ProxyServer" and set it to an IP address and port that is invalid on your network such as "10.0.0.1:5555" (i.e. "IP
ort".
By changing these settings Internet access will be disabled for any applications that rely of the Microsoft proxy server information such as Internet Explorer, Microsoft Office, Opera browser, Mozilla, etc.
Export the key [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
again as Internet_off.reg
2. In the logon script for users you either place the on or off registry key file with the following syntax:
regedit /s Internet_on or Internet_off.reg
Note: The change will take effect immediately for any new browser windows, existing Internet Explorer sessions will not be affected until the browser is closed and reopened.
3. If you have relatively clever users, they could change these settings, unless you stop them.
To stop users from modifying the proxy settings add these restrictions to disable changes to the Internet configuration.
Find or create the key below:
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel]
Create two DWORD values named "Connection Settings" and "Connwiz Admin Lock" and set them both to "1".
Make certain you create and export a second registry key set where both values are set to 0 or you will not be able to change your connection settings either!
Source: from an idea found in winguides.com
1. Create the registry scripts needed:
. Internet_on.reg
Open your registry and find the key below.
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
Export this key as Internet_on.reg
. Internet_off.reg
Change the value of "ProxyEnable" and set it to "1". Change the value of "ProxyServer" and set it to an IP address and port that is invalid on your network such as "10.0.0.1:5555" (i.e. "IP
ort". By changing these settings Internet access will be disabled for any applications that rely of the Microsoft proxy server information such as Internet Explorer, Microsoft Office, Opera browser, Mozilla, etc.
Export the key [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
again as Internet_off.reg
2. In the logon script for users you either place the on or off registry key file with the following syntax:
regedit /s Internet_on or Internet_off.reg
Note: The change will take effect immediately for any new browser windows, existing Internet Explorer sessions will not be affected until the browser is closed and reopened.
3. If you have relatively clever users, they could change these settings, unless you stop them.
To stop users from modifying the proxy settings add these restrictions to disable changes to the Internet configuration.
Find or create the key below:
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel]
Create two DWORD values named "Connection Settings" and "Connwiz Admin Lock" and set them both to "1".
Make certain you create and export a second registry key set where both values are set to 0 or you will not be able to change your connection settings either!
Source: from an idea found in winguides.com
- Thread starter
- #4
-
1
- #5
Hi,
You can also use the content advisor, tools - Internet options - content - content advisor. You place the site they have to have access to in the list of approved sites(with always). Set a password and enable the content advisor. You have to block msn and hotmail at the approved sites(with never) because you still get access to them if you don't block them.
Greets
Outliner
You can also use the content advisor, tools - Internet options - content - content advisor. You place the site they have to have access to in the list of approved sites(with always). Set a password and enable the content advisor. You have to block msn and hotmail at the approved sites(with never) because you still get access to them if you don't block them.
Greets
Outliner
Ok try this:
1. In the proxy settings on the IE, enter a fictitious domain, bogusdomain and port 80.
2. Now in the 'Exceptions' box type the website and other urls related to this site.(if you're not sure which related urls, then goto 'view source' from the pop up menu.
That will do, but for advance users:
3. Start/run/gpedit.msc
goto: User Configuration/Administrative Templates/ Windows Component/Internet Explorer/Internet Control Pane/Disable the Conection page. Now Right Click 'Properties' and check 'Enable' box.
Now nobody can remove the bogusdomain port 80.
1. In the proxy settings on the IE, enter a fictitious domain, bogusdomain and port 80.
2. Now in the 'Exceptions' box type the website and other urls related to this site.(if you're not sure which related urls, then goto 'view source' from the pop up menu.
That will do, but for advance users:
3. Start/run/gpedit.msc
goto: User Configuration/Administrative Templates/ Windows Component/Internet Explorer/Internet Control Pane/Disable the Conection page. Now Right Click 'Properties' and check 'Enable' box.
Now nobody can remove the bogusdomain port 80.
- Status
