Re: Denying Internet access using DHCP
- From: Ant-nee <Antnee@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 5 Nov 2007 09:44:02 -0800
The GPO worked. Everyone is happy. Thanks!
"Kevin D. Goodknecht Sr. [MVP]" wrote:
Read inline please..
In news:F2ACEAA0-69B7-45C0-8E69-03BA84030194@xxxxxxxxxxxxx,
Ant-nee <Antnee@xxxxxxxxxxxxxxxxxxxxxxxxx> typed:
Hi everyone,
I want to deny Internet access to a certain Windows group on a
Windows 2000 SBS domain. I think the best way to do this is through
DHCP. I would like to assign this particular group to a DHCP user
class that has no router setting, thus eliminating the ability to get
out to the Internet.
When I create a new DHCP user class, it asks me for an ID in binary or
ASCII. Exactly what is it asking for? Also, how do I assign that
user class to my Deny Internet group so that only members of that
group get assigned that user class?
You would have to create reservations for all the PCs you don't want to have
a default gateway.
The simplest way is to create a new Organizational Unit in ADU&C and move
these PCs and or users into this OU, then create a new Group Policy and link
it to this OU, (in addition to the Default Domain Policy)
Edit this new GPO, set these policies.
If it is the computer itself set this policy in addition to the User policy
Computer Configuration
-Administrative templates
-Windows Components
-Internet Explorer--Make proxy settings per-machine(rather than
per-user) Only if it is all users of these computers
-Internet Control Panel--Disable connections page
User Configuration
-Windows Settings
-Internet Explorer Maintenance
-Connection--Proxy Settings Configure a bogus non-routable Proxy IP
address
IF you want the machines to still be able to get Windows updates add this
line to the Bypass proxy list.
*.microsoft.com;*.windowsupdate.com
If it is the users only move the users to this OU.
--
Best regards,
Kevin D. Goodknecht Sr. [MVP]
Hope This Helps
===================================
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
===================================
http://www.lonestaramerica.com/
http://support.wftx.us/
http://message.wftx.us/
===================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
===================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
===================================
- References:
- Re: Denying Internet access using DHCP
- From: Kevin D. Goodknecht Sr. [MVP]
- Re: Denying Internet access using DHCP
- Prev by Date: dns setup without ads
- Next by Date: Re: DNS question with shared IP address space
- Previous by thread: Re: Denying Internet access using DHCP
- Next by thread: Re: missing A record on DNS Serve
- Index(es):
Relevant Pages
|
