Another option would be to create an IPSec policy that restricts that machine from accessing IP addresses outside of the local subnet except for the IP addresses of the two web domains you want to permit. You can apply this IPSec policy locally on one or more machines, or you can use Group Policy to apply it to machines within an OU. This works well as long as you can easily determine the IP addresses associated with the domains.
Jeff -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, February 21, 2005 12:09 PM To: [email protected] Subject: Re: [ActiveDir] Website Restriction through group policy Hi, The easiest way to do it is to get a test machine and manually configure IE the way you want (setting up zones etc). Then create a test policy, go to IE maintenance and import your settings. I have never tried exactly what you want to do, but it should work, although you would want to test it all to make sure. Your other option is to manually work out exactly what registry keys are required and then build an ADM Template to do it. Its a bit harder, but you will have a better understanding of exactly what is going on. Alan Cuthbertson Policy Management Software:- http://www.sysprosoft.com/index.php?ref=activedir&f=pol_summary.shtml ADM Template Editor:- http://www.sysprosoft.com/index.php?ref=activedir&f=adm_summary.shtml Policy Log Reporter(Free) http://www.sysprosoft.com/index.php?ref=activedir&f=policyreporter.shtml ----- Original Message ----- From: "Umer Y." <[EMAIL PROTECTED]> To: <[email protected]> Sent: Tuesday, February 22, 2005 6:47 AM Subject: [ActiveDir] Website Restriction through group policy > Hello, > > I want to restrict a computer from accessing any website other than two web > domains of my choice. > > Is there a way to accomplish that with Group Policy? > > Thanks! > > > > > ... you don't know what you've got 'till it's gone.. > > - Joni Mitchell > > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ Confidential This e-mail and any files transmitted with it are the property of Belkin Corporation and/or its affiliates, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipients or otherwise have reason to believe that you have received this e-mail in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing or copying of this e-mail is strictly prohibited. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
