Internet Explorer in Terminal Server

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I need to disable any access to Internet Explorer from a Terminal Server
session.

Actually, I guess I should say ANY Web access.

Any ideas?

TIA!

jwkh
 
Yeah! You can configure everyone's proxy settings to point to 127.0.0.1.

Look under User Config, Windows Settings, Internet Explorer Maintenance,
Connection, Proxy Settings.
 
Then you have to go under User Config | Admin Templates | Windows Components
| Internet Explorer | Internet Control Panel and remove access to the
Connections tab so nobody can change it back.
 
=?Utf-8?B?andraA==?= said:
I need to disable any access to Internet Explorer from a Terminal Server
session.

Actually, I guess I should say ANY Web access.
Click to expand...

If you want to block all web access, you could use an IPSec policy on the OU
containing the terminal server machine.
Set the policy to drop all packets where the destination is port 80.

I'm not sure what effect this would have on services such as the Windows
Update client, so you might want to test it in a lab.
 
Hi all

It's much better to do this at your proxy or firewall. Policy doesn't
really lend itself to this goal. While an ipsec policy or pointing the
proxy to the loopback address will work, it makes things tricky as Andy
suggests.

I've seen attempts to prevent internet access by adding Internet Explorer to
the disallowed programs list in policy. This is problematic however because
of the shell integration and users can get to web sites via Windows
Explorer.

My first suggestion would be to lock this down at the firewall or proxy. If
you can't do this, a combination of ipsec policy, loopback as the proxy
address and disallowing Internet Explorer from running would be an approach.

Kind regards
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: (e-mail address removed)

Please note you'll need to strip ".online" from my email address to email
me; I'll post a response back to the group.

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Back
Top