Šta je novo?

Zabrana menjanja Proxy podesavanja

filipp

Čuven
Učlanjen(a)
15.03.2003
Poruke
847
Poena
619
Znaci u pitanj je radna grupa, 120 racunara.
Proxy podesavanja su ubacena preko skripta, ali ostaje problem
da korosnici mogu da iskljuce proxy. Dali postoji nacin da to zabranim?

Detalji: u pitanju je IE7, Korisnici imaju Guest nalog.

Hvala unapred
 
ako nisu u domenu, jedan od načina je da ti se proxy nalazi iza rutera i da svi imaju podešeno da je ta mašina koja je proxy ujedno gateway za sve mašine workgroup-e a da ista ima još jednu mrežnu preko koje je nakačena na ruter...

takodje, pošto ne znam koji ti je ruter u pitanju, pristup samom ruteru možeš npr da dozvoliš isključivo samo proxy mašini (definišeš na ruter-u MAC filtering) - pristup sa Intraneta (LAN)

ovde je kako možeš da podesiš za sve naloge u okviru jedne mašine....
http://centraal.uk.knowledgebox.com/kbase/idx/0/045/article/

a možeš i ovako da probaš

"....Setting up the Local Intranet zone (for network administrators)
To be secure, the Local Intranet zone must be set up in conjunction with the proxy server and firewall. All sites in the zone should be "inside the firewall," and proxy servers should be configured so that they do not allow an external DNS name to be resolved to this zone. Configuring the client zone security requires a detailed knowledge of the existing network configuration, proxy servers, and secure firewalls. If you don't know this information, contact your network administrator.

By default, the Local Intranet zone consists of local domain names and those set in proxy override on the Connections tab. You can configure these settings on the Connection Settings screen. Note that multiple connection settings can now be configured for each user. The network administrator should confirm that these settings are indeed secure for the installation or adjust the settings to be secure.

When setting up the zone, you can specify which categories of URLs should be considered. You can also add specific sites to the zone.

To specify categories of URLs to include in the zone from the browser
On the Tools menu in Internet Explorer, click Internet Options, and then click the Security tab.
Click the Local Intranet zone, and then click Sites.
Select the following check boxes that apply:
Include all local (intranet) sites not listed in other zones
Include all sites that bypass the proxy server
Include all network paths (UNCs)

Note

To add a specific site to this zone, click Advanced, type the URL, and then click Add. To require that server verification be used, select the Require server verification (https:) for all sites in this zone check box.
Local Intranet zone options
The following rules apply to the Local Intranet zone options. Note that adding a site to any zone takes precedence over the following rules:

Include all local (intranet) sites not listed in other zones: Intranet sites have names that do not include dots (for example, http://local). A site name such as http://www.microsoft.com/ is not local because it contains dots. This site would be assigned to the Internet zone. The intranet site name rule applies to file: as well as http: URLs.
Include all sites that bypass the proxy server: Typical intranet configurations use a proxy server to access the Internet with a direct connection to intranet servers. This setting uses this kind of configuration information to distinguish intranet from Internet content for purposes of zones. If the proxy server is otherwise configured, you should clear this option and use other options to designate files that are assigned to the Local Intranet zone. In systems that do not have a proxy server, this setting has no effect.
Include all network paths (UNCs): Network paths (for example, \\local\file.txt) are typically used for local network content that should be included in the Local Intranet zone. If there are network paths that should not be in the Local Intranet zone, you should clear this option and use other options to designate files that are assigned to the Local Intranet zone. For example, in certain Common Internet File System (CIFS) configurations, it is possible for a network path to reference Internet content.
After the Local Intranet zone is confirmed secure, consider changing the zone's security level to Medium-Low or Low to enable a wider range of powerful operations to be performed. It is also possible to adjust individual security settings in the Custom Settings dialog box.

If there are parts of your intranet that are less secure or otherwise not trustworthy, they can be excluded from this zone by assigning them to the Restricted Sites zone.

The Local Intranet zone is intended to be configured via Group Policy or the IEAK, although you can also use the options on the Security tab in the Internet Properties dialog box..."
 
Poslednja izmena:
Vrh Dno