You would also need policies in place to deny access network control panel config settings, and deny ability to create new network connection settings such as vpn/dun/etc. And a registry policy, to prevent a manual change of the gateway, and potentially if booted into safe mode w/ network, and also I reccomend acl's on the firewall. depends how secure/smart the users are.
Rich -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 18, 2001 10:21 PM To: NT 2000 Discussions Subject: Re: Running Logon/Logoff scripts as admin If you want no access outside of the network, you could not add a default gateway. At 08:46 PM 12/18/2001 -0600, you wrote: >I am trying to use the route command to disable the internet on a group of >machines. I have a vb script that is sorta like this: > >if regkey = 1 then >route delete 0.0.0.0 mask 0.0.0.0 > >I then have another to enable it on logoff. Problem is the route command >requires PowerUser or better and the users are "Users". I don't want to >use the runas command, because I don't want to have to sendkey the >password. These machines will also not be turned off or rebooted. Does >anyone know how to run a logon/logoff script as a admin? Any other >suggestions would be great... > >Thanks, >Landon. > >------ >You are subscribed as [EMAIL PROTECTED] >Archives: http://www.swynk.com/sitesearch/search.asp >To unsubscribe send a blank email to [EMAIL PROTECTED] ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED] ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
