Windows Group Policy in 2003 Domain

steveb12
Topic Author
Offline
New Member

18 years 4 weeks ago #13768 by steveb12

Windows Group Policy in 2003 Domain was created by steveb12

Hello everyone. Could use some help applying a group policy. I work in a call center environment and have the call center users in a separate organizational unit from the rest of the company. I'm trying to implement a group policy on the call center users OU to allow access to a select list of websites and deny access to all others.

Right now I am having two issues:

1) I am getting a large number of Internet Explorer Script Errors. Has anyone else had this problem and is there a setting I can change that can fix this?

2)The call center director wants his people to be able to access outside mail from Yahoo. I'm not certain how to make this happen. I put mail.yahoo.com in as an allowed website and so I can pull up the Yahoo mail login screen. However, when I try to log into a Yahoo mail account I get a message that the page I'm trying to go to does not have a rating. Is there a way to enter in something like an asterisk wildcard ( mail.yahoo.com/* ) to allow all further addresses after the .com?

Any help would be appreciated.

skorpio16
Offline
New Member

18 years 3 weeks ago #13888 by skorpio16

Replied by skorpio16 on topic Re: Windows Group Policy in 2003 Domain

Hi Steve,

Am not really sure that what you want to achieve would be best achieved via Group Policy. It would be better if you configure those website restrictions on the server ( ISA Server etc ) through which your users are connecting to the internet.

Skorpio16

DaLight
Offline
Platinum Member

18 years 3 weeks ago #13889 by DaLight

Replied by DaLight on topic Re: Windows Group Policy in 2003 Domain

I agree with skorpio16. With ISA Server you will also have the advantage of access to AD for your access lists.

Biggystumps
Offline
Junior Member

18 years 3 weeks ago #13929 by Biggystumps

Replied by Biggystumps on topic Re: Windows Group Policy in 2003 Domain

Hi Steve,

I see where your coming from as I administrate a Call centre as well. From my experience there is not a way in IE to restrict all but a few websites. What we have implemented is a blue coat server. www.bluecoat.com/ that our WAN team uses to help with these types of requests. is there any type of firewall in place? If something like this or like Skorpio and DaLight suggested, an ISA server, is not an option then i can see 1 workaround.

My suggestion is this could probably be done in your DNS by simply only forwarding requests for the websites you wish for them to see. (they can get around this if they know the IPs).

hope it helps!

MCSE - MCSA
2003 certified

Arani
Offline
Moderator

18 years 3 weeks ago #13930 by Arani

Replied by Arani on topic Blue Coat

yes mate Blue Coat will be a good option, as i did work for a technical helpdesk, and they used to use Blue Coat services. i cannot say why and how, but it was pretty effective. but do bare in mind that for every service there are loop holes, and people will find ways and means to bypass literally anything. but still its worth having a web site guarding mechanism. go for blue coat unless you have found something more useful for the purpose

Picking pebbles on the shore of the networking ocean

ashish_hcl
Offline
Junior Member

18 years 2 weeks ago #13964 by ashish_hcl

Replied by ashish_hcl on topic to stop website access

Hey steve,
You could use websence and that gives a lot of different options, and also gives you a way to implement it as group policy for different groups, restrictions imposed works suberp here..

See ya,

Ashish Gupta