Prevent users to use IE?

[Candidog]

Is there a Policy I can use that will remove Internet Explorer or prevent a user from using Internet Explorer on thier Windows XP workstations.

I have a Windows 2003 domain with all XP workstations

 

[tfg13]

There is such a place. You'll end up disallowing IE to run, but it will get you the same results (unless a user is able to change the name of IE).

In the Group Policy, go to User Configuration->Administrative Templates->System, and double click Don't Run specified Windows applications. Add IExplore.exe.

Something else you could try would be to add a "fake proxy" to IE. This will not allow a user to go anywhere with IE. To do that, you'll need to go to the following:

User Configuration->Windows Settings->Internet Explorer->Connection, and double click Proxy Settings. Assign all address spaces something like 127.0.0.1 (Or put a checkmark in the "use the same proxy server for all addresses").

 

[BillyRayPreachersSon]

The problem with block IExplore.exe is that all users have to do is rename is to something else... even if you delete it, all they have to do is copy it back on. I'd go with the second suggestion of the fake proxy, which would be harder to bypass.

Dan



[tt]Dan's Page [blue]@[/blue] Code Couch

http://www.codecouch.com/dan/

[/tt]

 

[Sheco]

Maybe you could just block port 80 and 443?

 

[tfg13]

Blocking port 80 and 443 would then cause all browsers to not connect. From what I am getting from the post, and Candidog, correct me if I'm wrong, is that IE is the only thing you want blocked.

Something else you could try (I've never attempted this, so I don't know the results) would be to change the permissions on the Internet Explorer directory to not allow users the ability to read, or read & execute. I'm looking for the script I did about 2 years ago that did something like this, and I will post back.