By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
At our school we have a number of wireless laptops that can be moved from class to class when needed. I would like to be able to stop users of the laptops from running Internet Explorer when needed. We are running Windows 2000 server with Windows XP clients. I have created a new OU in AD called 'Laptops' and would like to be able to move the laptops from the 'Computers' group to the new 'Laptops' OU when needed and have a GPO based in the 'Laptops' OU to stop Internet Explorer from running. When Internet access is next required, I would like to simply move the laptops back to the 'Computers' group.
Good news and bad news. I was able to write a Software Restriction Policy to restrict IEXPLORE.EXE. And that worked! The bad news: I just opened a regular "Explorer" window and typed in www.whatever.com and went out to the Internet.
So, that isn't going to work. However, when XP/SP2 comes out, it will have a Policy Setting called Restrict Internet communication, which will restrict all Internet Communication. This MIGHT be more heavy-handed than what you are after. But, give it a shot. It will be found in Administrative Templates | System | Internet Communication Management.
You might also try control via Internet Zones. Check out:
for more assistance.