Disabling internet for certain domain users

[Heeter]

Hi all,

Wondering how to disable a domain user/computer from using IE on their workstation through the Active directory, but still have access to domain network.


Thanks

Heeter

 

[Bootsy]

easiest way to do this is to manually input their DNS settings to just point to a domain controller and thats it... now, that DC can only have itself as a DNS entry as well..

Ive done it for some people in my domains and it seems to work well.

If you ultimately need to have them access certain sites, add them to their hosts file.

 

[ZeroHour]

To block IE specifically just put a deny permission on iexplorer.exe with a group they are a member of. Say you make a group "no internet" and then use group policy to put the permission out to the clients with the deny rule. You just add the user to that group, when they log back in they cant run IE.
Or are you looking to block the internet full stop?

 

[Heeter]

No, just two workstations out of the 75 or so. Doesn't matter who the user is on it.