You mean like through the post office right :) -Chris -----Original Message----- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner@;mail.activedir.org] On Behalf Of David N. Precht Sent: Thursday, October 17, 2002 4:18 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Disable IE via GPO
Reply to Rick, offline.... -----Original Message----- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner@;mail.activedir.org] On Behalf Of Rittenhouse, Cindy Sent: Thursday, October 17, 2002 16:39 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Disable IE via GPO Rick, A copy would be very helpful, thank you. -----Original Message----- From: Rick Kingslan [mailto:rkingsla@;cox.net] Sent: Wednesday, October 16, 2002 13:17 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Disable IE via GPO John, Interesting that you even mention this. I have a reg file that sets the zones on IE via directly modding the registry in just this manner. We've got about 25k seats of Inbound/Outbound 'Out-sourced marketers' (yeah, I can even put lipstick on a pig like Telemarketing!) and we have to lock them down to ONLY what we want them to do. If anyone wants a copy o it, let me know. I'll shoot it off to you... Rick Kingslan - Microsoft MVP [Windows NT/2000] Microsoft Certified Trainer MCSA, MCSE+I - Windows NT / 2000 "Any sufficiently advanced technology is indistinguishable from magic." --- Arthur C. Clarke > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:ActiveDir-owner@;mail.activedir.org] On Behalf Of > Bjelke John A Contr AFRL/VSIO > Sent: Wednesday, October 16, 2002 12:12 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] Disable IE via GPO > > > Well, you *could* write code into his login script that sets the IE > security preferences for the Restricted Zones, and then undoes it in > the "standard" login script so that others are not affected... > That would probably be a good script to hang onto for future > offenders as well. > Add his web-mail site to the restricted zones on a test pc, > then export HKEY_CURRENT_USER\Software\ > Microsoft\Windows\Current Version\Internet > Settings\ZoneMap\Domains to a REG file. In his logon script, > copy this reg file to a temp on the system and run it. For > the "clean up" in the normal script, find the specific entry > and delete it, maybe? > > I would also suggest drafting an "acceptable use" policy to run by the > powers that be, maybe through your IT boss... the worst they can do is > say "We're not concerned". At best, you might gain some leverage on > stopping things like this. Good luck! -JB > > -----Original Message----- > From: James Liddil [mailto:jliddil@;phytoceutica.com] > Sent: Wednesday, October 16, 2002 9:28 AM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] Disable IE via GPO > > > "We" don't have a policy in place the prevents folks from reading > yahoo, hotmail etc. So if I have our firewall configured to block > this I'm sure I'd immediately be blacklisted by end users. I could > just as easily use McAffee EPO and add these various webmail URLs and > block them. Until management decides this is a business critical > issue I won't go there. But I certainly have considered the idea > along with blocking IM traffic. > > Jim Liddil > > > -----Original Message----- > > From: Bjelke John A Contr AFRL/VSIO > > [mailto:John.Bjelke@;kirtland.af.mil] > > Sent: Tuesday, October 15, 2002 4:22 PM > > To: '[EMAIL PROTECTED]' > > Subject: RE: [ActiveDir] Disable IE via GPO > > > > > > Why not block his web-mail site @ the firewall? He might have > > legitimate project related need for web access, but if you can point > > to virus infections from his web-based email you should be able to > > justify blocking the site for everyone. > > John A. Bjelke > > Unisys > > 505.853.6774 > > [EMAIL PROTECTED] > > Man will occasionally stumble over the truth, but most times > > he will pick > > himself up and carry on... - Winston Churchill > > > > > > -----Original Message----- > > From: James Liddil [mailto:jliddil@;phytoceutica.com] > > Sent: Tuesday, October 15, 2002 1:54 PM > > To: [EMAIL PROTECTED] > > Subject: [ActiveDir] Disable IE via GPO > > > > > > W2K/Exchange2K Environment. We have a visiting scientist who I was > > asked to give an account to. Turns out he has been reading his web > > mail and it is highly infected based on the number of alerts I got. > > The one machine he uses I have pulled of the internet. But I now > > find he went to another machine and did some web mail (virus alert > > again). So at this point my hands are tied by the managements lack > > of policies. So I need a way to prevent him from using IE > > regardless of the machine. It seems in GPO I can lock it > > down but not totally disable it. Or is there a way? > > > > Jim Liddil > > List info : http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > List info : > > http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > List info : > http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/