Hello all,
This topic has everything to do with the project listed in my previous post in the same forum. It's titled "Registry - HKLM_CURRENT_USER Win2K" This problem is for the same project of locking down machines to have bare minimum needs.
This question, however... is server-side.
The 200+ machines that will be connecting to the Terminal Server (dont worry, it's fast enough) are going to all get the same desktop/icons and settings. All will be logged in as the same user, just multiple/separate instances.
We have a proxy server here at work. proxy.address.com:8000 is the address/port. BUT, it also uses the NT authentication. So I have proxy access because my domain account has proxy access. Now, the FITUSER id that is logged in a couple hundred times has basic/restricted proxy access. Only sites that are pertinant to the business. Internal sites, and a few others for HR/Benefits information, etc.... that have been graciously outsourced so they're off our LAN. SO, if the FITUSER goes to any of THOSE sites, everything's just fine and dandy. BUT, if you were to say.... type in
www.msn.com and press enter, you'll get a box prompting you for your Username, Password, and Domain. We want this to NOT happen. Because if it comes up, they can still use this locked down PC to get on the outside internet and potentially get a virus (thats how we got that blaster worm a couple weeks ago, and a few others in the past)
So the question is.... I dont want to disable proxy access 100%. I just want it to not prompt them to log into the proxy server as a different username. Proxy access is required for those few sites.
Any suggestions?
Brian L. Busse
(Having fun working with the network admin that's never done this before either)
Linear Mode
