# block internet access through group policy in windows server 2003



## amitchauarasia

I want to block internet access in some of the domain users using group policy in windows server 2003. So please help me to implement this.


----------



## Krrose27

amitchauarasia said:


> I want to block internet access in some of the domain users using group policy in windows server 2003. So please help me to implement this.


My suggestion:
1) Disable their accounts right to modify ie setting.
2) Set a proxy inside ie to anything such as 0.0.0.0

Note: This can be bypassed by using a portable firefox, but it is the best option.


----------



## akaki

Hi Krosse27,
Actually, 2 of my office PC(domain user) out of 20 are not permitted to access net browsing, but they are using outlook (imagine that our pop3-mail.abc.com & SMTP-mail.zxy.net). There is no sprcific group in the domain.

I did not configure this but I want to know the configuretion.
1) From where I will disable the acount right?
2) Where I'll put proxy?


----------



## Fidoliedo

Amitchauarasia, if you have a router, you can limit by MAC address. Depending on your network design, there are limitless ways.


----------



## dhirajkumar

amitchauarasia said:


> I want to block internet access in some of the domain users using group policy in windows server 2003. So please help me to implement this.


----------



## dhirajkumar

block internet access through group policy in windows server 2003


----------



## 2xg

Here you go....

1. Create a new policy in GPMC by right-clicking your domain and pressing New. Name the policy No Internet. 

2. Right-click No Internet and press Enforced to check it. 

3. Select No Internet in the left-hand pane, select Authenticated Users under Security Filtering and press Remove, and OK to prevent the policy from applying. 

4. Using Group Policy to implement Internet Explorer settings, navigate to User Configuration / Windows Settings / Internet Explorer Maintenance in the No Internet policy. 

2. Right-click Internet Explorer Maintenance and press Preference Mode. 

NOTE: If a policy is already defined, you must press Reset Browser Settings, which will reset any Internet Explorer Maintenance Group Policy, before you press Preference Mode. 

3. Navigate through Connections and double-click Proxy Settings (Preference Mode). 

4. Check Enable proxy Settings, Use the same proxy server for all addresses, and Do not use proxy server for local (intranet) addresses. (The box above this checkbox is where you set exceptions for your internal network)

5. Type 127.0.0.1 into Address of proxy and 80 into Port. 

6. Press OK. 

7. Close the No Internet group Policy. 

NOTE: To prevent a user from changing their proxy settings, implement Disable changing proxy settings or Disable the Connections page in the No Internet policy.

To prevent a user from accessing the internet:
1. Select the No Internet group Policy under your domain and press Add under Security Filtering. 

2. Use the Advanced dialog to locate and select the user, pressing OK. 

3. Press OK. 

4. If the user is logged on, force the policy to update.


----------

