+ Post New Thread
Results 1 to 3 of 3
Windows Server 2000/2003 Thread, Dns based on AD OU in Technical; Hi We don't have ISA server or any filtering on our site - its all based at the ISP end. ...
  1. #1

    Join Date
    Apr 2007
    Location
    York
    Posts
    551
    Thank Post
    9
    Thanked 4 Times in 4 Posts
    Rep Power
    19

    Dns based on AD OU

    Hi

    We don't have ISA server or any filtering on our site - its all based at the ISP end.

    I'm trying to unblock youtube for staff but not pupils. Youtube https is currently blocked in DNS by giving it a false IP address

    One way I can do it is if it change DNS on the client to the router and they can access it via HTTPS

    Is there a way via regedit or logon script to add the DNS entry based on whether its staff or pupils login on.

    Thanks

  2. #2

    tmcd35's Avatar
    Join Date
    Jul 2005
    Location
    Norfolk
    Posts
    5,612
    Thank Post
    845
    Thanked 880 Times in 730 Posts
    Blog Entries
    9
    Rep Power
    326
    I haven't used it in a while, but I think what you are after is the "Hosts" file which windows checks before asking DNS to resolve. (hosts (file) - Wikipedia, the free encyclopedia)

    A better solution is to use something like AB-Tutor or NetOps which usually include filter rules to you can block for students in there rather than mucking about with DNS and effecting all users.

  3. #3


    Join Date
    Dec 2005
    Location
    In the server room, with the lead pipe.
    Posts
    4,627
    Thank Post
    275
    Thanked 777 Times in 604 Posts
    Rep Power
    223
    Quote Originally Posted by karldenton View Post
    Hi

    We don't have ISA server or any filtering on our site - its all based at the ISP end.

    I'm trying to unblock youtube for staff but not pupils. Youtube https is currently blocked in DNS by giving it a false IP address

    One way I can do it is if it change DNS on the client to the router and they can access it via HTTPS

    Is there a way via regedit or logon script to add the DNS entry based on whether its staff or pupils login on.

    Thanks
    Look into per-user/group/machine/ou firewall rules in a GPO instead?

    Say...if user=staffgroup and destination = youtube URLs, then allow, else drop.

    Filter via usergroup or apply on a per-OU basis, depending on how you're setup. You'll probably have to fiddle with it a bit.

    Alternatively, ask your ISP to allow youtube for IPRange and set reservations for staff devices.

    I really wouldn't start pointing windows clients at DNS servers that aren't AD-linked if you're using AD.

SHARE:
+ Post New Thread

Similar Threads

  1. VBS to run based on AD group
    By FN-GM in forum Scripts
    Replies: 6
    Last Post: 6th February 2012, 09:44 PM
  2. Replies: 18
    Last Post: 4th December 2011, 10:44 PM
  3. Replies: 9
    Last Post: 6th October 2010, 03:54 PM
  4. redirect a user based on the OU Sharepoint
    By mtdmitchell in forum Virtual Learning Platforms
    Replies: 11
    Last Post: 27th March 2010, 09:06 AM
  5. Assinging printers to clients based on OU
    By originofsymmetry in forum Network and Classroom Management
    Replies: 3
    Last Post: 11th July 2007, 06:02 AM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •