Topic: Restricting Internet Access using active directory service

[bolade]

I want to get clear steps and softwares on how to restrict internet access in my domain. I learn windows cos that what my organisation use. But I am solaris biased cos I want to move to another company. So both platforms are welcomed.

[metalmunna]

I want to get clear steps and softwares on how to restrict internet access in my domain. I learn windows cos that what my organisation use. But I am solaris biased cos I want to move to another company. So both platforms are welcomed.

hi, your question isn't clear and your all requirements. although there has a so simple way .. if NAT enable on your domain, simply disable that or use a gateway on the domain which has no internet access, only local routing enable ...

[PanyPayomma]

What I might do is ask for a folder or setting folder and post the info by module #. That would make it easy for others to find and use.
MDC

[Pez]

Im not shour what your question is but.

In a Window based envirament with active directory (AD) you use the group policy object (GPO) to setup thise kind of restriction if you want to do it to all computers or a gruop of computer's.
All computers that loged in in the AD are implementing the GPO for that group of computer ther is member of. You can also set up the same kind of restriction per user base in the AD so you can also do it that way if it is more convinient.

Her is som useful thread for GPO and IE (ther is more and less same rocidure for IE7, IE8 and IE9 the only is that you need to import the object in the AD for those you dont have in the new features):
Group Policy and Internet Explorer 8
http://technet.microsoft.com/en-us/library/cc985351.aspx

Group Policy Settings Reference for Windows Internet Explorer 8
http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=3648

configuring the GP on IE settings
http://social.technet.microsoft.com/Forums/en-US/winserverGP/thread/20f48a0c-1677-4ea4-b8df-c9d5420bce71

How to Setup Group Policy to Restrict Internet Access
http://msmvps.brinkster.net/Internet/restrictie11.htm

I hope this is helping you.

[smoothie]

The other option that you may wish to consider is to force all internet traffic to go via a centralised open-source proxy (e.g. SQUID).

This way you can align Internet usage with your company policy.

With SQUID, you can also authenticate & authorize access against AD.