none
SERVER 2012 R2 Limited access to specific clients.

    Question

  • Dear readers,

    Current Situatuion: I have a thin client server running 20 clients. The thin client server is further connected to the internet.

    Requirement:  8 of those thin clients need to be provided with the internet access(Browsing of websites), while 12 others should not be able to access any sites but should be able to access the NETWORKED STORAGE.

    Problem:  I have experimented with outbound rules a lot but am not able to find a solution, and i am a completely non technical guy. Kindly guide me on the issue.

    Regards
    Mohit
    Tuesday, April 05, 2016 6:14 AM

All replies

  • Current Situatuion: I have a thin client server running 20 clients. The thin client server is further connected to the internet.

    Requirement:  8 of those thin clients need to be provided with the internet access(Browsing of websites), while 12 others should not be able to access any sites but should be able to access the NETWORKED STORAGE.
      Kindly guide me on the issue.

    Regards
    Mohit
    Tuesday, April 05, 2016 6:49 AM
  • Hi,

    You will need to create groups and assign the users that will require access to Internet - example - InternetUsers Group and NoInternetUsers group, assign the users appropriate permissions in the Proxy server.

    Regarding Network Outbound rules I am not sure anyone can suggest what you need to implement without reading the Design and what is the requirement? What you want in Outbound rules? What should be allowed and disallowed?


    Regards, Jim MSCS - MCP Disclaimer: This posting is provided AS IS with no warranties or guarantees , and confers no rights. When you see answers and helpful posts, please click Vote As Helpful, Propose As Answer, and/or Mark As Answer

    Tuesday, April 05, 2016 8:05 AM
  • Thanks for your reply Jim.

    I want the following using the outbound rules, please tell me if it's possible without making a proxy server:

    1. Chosen users (Specified IP Addresses), should be allowed to view any website on the internet connected through the thin client server.

    2.  The others should be able to access the thin client server but still not be able to browse through any websites.

    3. Through the outbound rules i managed to block the 80 and 443 ports, which blocked all sites except if we use the ip address directly, but I Do not know how to implement this outbound rule to only a specific set of users.

    4.  i reach my deadline in 7 hours. :P

    Kindly guide me on how to firstly make such a policy that disables access to browsing and secondly, how to implement it on a specific set of users>?

    Thanking you,

    Regards,

    Mohit


    Tuesday, April 05, 2016 1:00 PM
  • Hi,
    Based I know, when you are creating the firewall rules, you could configure user/computer settings or scope settings to target specified users or groups.
    Please see the details from:
    Configuring Firewall Rules https://technet.microsoft.com/en-us/library/dd448559(v=ws.10).aspx#bkmk_Configuringuserorcomputersettings
    Windows Firewall and IPsec Policy Deployment Step-by-Step Guide
    https://technet.microsoft.com/en-us/library/cc732400(WS.10).aspx

    Regards,
    Wendy


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, April 06, 2016 6:00 AM
    Moderator