[THIN] Re: OT: Restricting IE On Terminal Server

• From: Jeff Durbin <techlists@xxxxxxxxxxxxx>
• To: thin@xxxxxxxxxxxxx
• Date: Wed, 31 Dec 2003 11:47:43 +1300

I did deny application of the GPO to domain admins. I'm quite puzzled by the
situation, because the setting is listed under User Configuration, which
should cause it to be applied only to those users that receive the policy. I
knew it wasn't a matter of the admin account receiving the policy because
the policy is so restrictive that I wouldn't have been able to do much of
anything. The only thing that ever changed in the admin desktop was IE's
Content restriction. Another reason I knew the admin wasn't receiving the
policy via a periodic policy refresh (since I wasn't logging in or out - the
account was logged in the entire time) was that it was changing immediately
- I would change the policy setting and the admin would receive it
immediately.

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Selinger, Stephen
Sent: 31 December 2003 8:10 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: OT: Restricting IE On Terminal Server


Did you deny the GPO to domain administrators?  If not then it would make
sense that this GPO would apply to your admin account.
 

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Jeff Durbin
Sent: December 30, 2003 11:59 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] OT: Restricting IE On Terminal Server



  I want to give a group of users Internet Explorer, but restrict them to
certain web sites. What's the best way to do this? 
  I thought this would be quite straightforward using Content Advisor via
Group Policy. I enabled it for a GPO that applied to a group of users and
restricted them to certain sites. I logged on as on of the users and did
receive the restriction. However, I then noticed that my administrator's
session to the same server was also restricted. I verified that, even though
the Content Advistor settings are listed under the User Configuration
(Windows Settings, Internet Explorer Maintenance, Security , Security Zones
and Content Ratings), any restriction applied to any user on a server causes
those settings to be applied to *all* users. Any ideas? (I know about kiosk
mode, but since I'm publishing a desktop, they could create a shortcut to
Iexplore.exe in their home drive and get a normal instance of IE, so I want
something a little more sure).
 
Thanks and Happy New Year,
 
Jeff Durbin
 
 

• References:
  • [THIN] Re: OT: Restricting IE On Terminal Server
    • From: Selinger, Stephen

Other related posts:

• » [THIN] OT: Restricting IE On Terminal Server
• » [THIN] Re: OT: Restricting IE On Terminal Server
• » [THIN] Re: OT: Restricting IE On Terminal Server
• » [THIN] Re: OT: Restricting IE On Terminal Server
• » [THIN] Re: OT: Restricting IE On Terminal Server
• » [THIN] Re: OT: Restricting IE On Terminal Server
• » [THIN] Re: OT: Restricting IE On Terminal Server
• » [THIN] Re: OT: Restricting IE On Terminal Server
• » [THIN] Re: OT: Restricting IE On Terminal Server
• » [THIN] Re: OT: Restricting IE On Terminal Server
• » [THIN] Re: OT: Restricting IE On Terminal Server
• » [THIN] Re: OT: Restricting IE On Terminal Server
• » [THIN] Re: OT: Restricting IE On Terminal Server

1. Home
2. thin
3. Archive
4. 12-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---