Our disciplinary process here at the college involves restricting student's access to the Internet for one week when a breach of the computer usage agreement is committed.

This was achieved by adding our students to a policy in our content filter that allowed our internal IP range but nothing external.

However since migrating to Live@edu this was no longer applicable.

What we needed to do was add some additional domains so that access to live@edu can also happen. I raised a support call with Microsoft for a comprehensive list of associated domains and they came back with one...*live*. Not so. Below is the list of all domains I've allowed so that Live@edu can be served up.

*live*
*passport*
*wlxrs*
*microsoft*
*bing*
*outlook*
*atdmt*
*msecnd*

Without allowing all of these, the page will either render very badly or most likely not at all. I was particularly annoyed at having to allow bing.