Results 1 to 3 of 3

Thread: Multi-user XP system - lock IE settings?

  1. #1
    Taz
    Taz is offline
    Senior Member Taz's Avatar
    Join Date
    Jan 2005
    Location
    London
    Posts
    2,152
    Thanks
    57
    Thanked
    29 times in 27 posts
    • Taz's system
      • Motherboard:
      • Gigabyte Z270 HD3P
      • CPU:
      • Intel Core i5 7600K
      • Memory:
      • Corsair CMK16GX4M2B3200C16R Vengeance LPX 16 GB
      • Storage:
      • Samsung 960 EVO M.2-2280 500GB (PCIe) + 1TB Sandisk Ultra II SSD (SATA)
      • Graphics card(s):
      • Asus NVIDIA GeForce GTX 1070 OC
      • PSU:
      • Corsair CS550M 550W Hybrid
      • Case:
      • NZXT Source 340
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • 34" Asus Designo Curve MX34VQ UWQHD Monitor
      • Internet:
      • Virgin Media M350

    Multi-user XP system - lock IE settings?

    I built a PC last year that has XP Pro SP2 installed on it. There are several users that use this machine, each with a different user ID, and I want to keep my IE settings at High Security for all users to protect the machine and limit the types of sites that those users can visit.

    Is there a way that I lock out access to the Tool->Internet Options menu in IE so that only I can change it (this is also accessible through Control Panel)? All the users have Administrator rights at present but only I know the password for the 'Administrator' user. One or two of the users keep setting the security level to Medium to surf dodgy sites!

  2. #2
    Member
    Join Date
    Jun 2004
    Posts
    147
    Thanks
    0
    Thanked
    0 times in 0 posts
    In a network environment this can probably be done with Group Policy. Without an AD domain you can still edit the local group policy directly however.

    Type gpedit.msc in the run box, go to user configuration, administrative templates, internet explorer.

    I think this may effect ALL users though, not specific ones. Have a play though, but be careful not to change something that will stop you from changing it back !

  3. #3
    Taz
    Taz is offline
    Senior Member Taz's Avatar
    Join Date
    Jan 2005
    Location
    London
    Posts
    2,152
    Thanks
    57
    Thanked
    29 times in 27 posts
    • Taz's system
      • Motherboard:
      • Gigabyte Z270 HD3P
      • CPU:
      • Intel Core i5 7600K
      • Memory:
      • Corsair CMK16GX4M2B3200C16R Vengeance LPX 16 GB
      • Storage:
      • Samsung 960 EVO M.2-2280 500GB (PCIe) + 1TB Sandisk Ultra II SSD (SATA)
      • Graphics card(s):
      • Asus NVIDIA GeForce GTX 1070 OC
      • PSU:
      • Corsair CS550M 550W Hybrid
      • Case:
      • NZXT Source 340
      • Operating System:
      • Windows 10 Pro
      • Monitor(s):
      • 34" Asus Designo Curve MX34VQ UWQHD Monitor
      • Internet:
      • Virgin Media M350
    Thanks for the info. What I ended up doing was as follows.

    I added one of the dodgy sites to the Restricted Zone (using the add sites option). The security setting for this zone is normally set to High. The particular site uses ActiveX controls and was now effectively blocked. However, one particular user of the PC managed to find the Tools-->Internet Options menu and went into the Restricted Zone and lowered the security setting, thereby getting on to the dodgy site!

    I then Google'd for a few days and found some Registry settings that would disable access to the Tools-->Internet Options menu.

    More details are on this site:

    http://www.winguides.com/registry/display.php/442/

    The keys had to be added manually using 'regedit' as they do not exist with XP Pro SP2 by default. It works a treat and can be set on a per user basis (HKCU) or system-wide (HKLM). If a user tries to access Tools-->Internet Options they get a popup system message telling them that their action is restricted and they must contact the system administrator.

    Hence, to achieve what I wanted, I added the domains of the sites I wanted to ban in the Restricted Sites zone. I ensured that the security setting of the Restricted Zone was set to high (which will allow the site to be accessed but will hardly display anything that might be harmful (eg. Javascript, ActiveX controls. applets, etc are all blocked). This effectively makes the site unusable. I then added the Registry key using information from the site above (the actual DWORD value used was 'NoBrowserOptions' set to '1').

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Abit NF7-S revision 2 information
    By Lee H in forum SCAN.care@HEXUS
    Replies: 22
    Last Post: 30-10-2004, 07:13 PM
  2. Keeping your system healthy and secure
    By Paul Adams in forum Software
    Replies: 6
    Last Post: 12-10-2004, 09:35 PM
  3. Newbie needing help with Barton XP2500+ system...
    By adlamb in forum PC Hardware and Components
    Replies: 17
    Last Post: 12-04-2004, 05:05 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •