Disable internet access only for specific time with GPO?

I need to be able to disable web browsing during specific times (night shift for example). I know I can create a GPO policy and set a 'fake proxy' for IE that would blanket kill browsing but I don't want to have that enabled 24/7. Is there any way to do only from like 5pm - 5am.
Or is there a better way to do this? I know I could setup a Squid Server and set time limits through there. Was just curious if it could be done through AD.
This topic first appeared in the Spiceworks Community

Ok, I just thought of a way to do it with GPO.Create the gpo to setup the fake proxy setting and also lock out the proxy setting to keep the users from disabling the setting.Setup targeted application of the GPO based on a specific AD group. Depending on if you setup the GPO policy under computer or user you can add either user names to this AD group or add computer names to this group (you could also create a nested group so you are only adding and removing one name from the targeted GPO group). Setup the task scheduler to add and remove names to this gpo application group based on time of day. Understand there will be a delay of up to 2 hours between the time the user is added to this group and the application of the GPO to the target computer. It would appear a bit clunky, but it should work.The squid route would be a bit more...

Similar Messages

How to disable an alert for specific time period in SCOM 2012 R2

Hello,
Is there any option to disable an alert for specific time period in SCOM 2012 R2
Regards,
angs

No. But you can use the scheduler module in your rule or monitor, which will dictate when the workflow will actively run on the agent - hence disabling alerting for that time period.
http://msdn.microsoft.com/en-us/library/ff453828.aspx
Jonathan Almquist | SCOMskills, LLC (http://scomskills.com)

My new I pad three connects to the internet but only for a brief period of time. I then have to restart it only to get the same results.

My new Ipad 3 connects to the internet but only for a brief period of time. I then have to reboot only to get hte same results. Any suggestions?

You are correct. Syncing should transfer any purchased media, including videos, from your device to your iTunes library provided your computer is authorized for the Apple ID used to make these purchases. You mentioned that you have uninstalled iTunes before, but if you didn't follow this guide exactly, uninstalling iTunes and all of its components in the order specified, it may not have been successful so you should try again: Windows XP or Windows Vista/7.

I want to disable Internet access to user using GPO

I am using Win Server 2008 R2, I want to disable the users from accessing Internet which are in that OU. Can anyone tell me how is it possible ?

Hi,
Disabling Internet access using software on the client is inherently difficult. The client isn't aware of what is an internal resource (like an Intranet page for example) as opposed to an Internet resource. You can use GPOs to disable specific programs
(like browsers) or to change how traffic is routed by the client but in order to effectively control who can and can't access the Internet, your best bet is a perimeter device like a proxy or firewall that sits between your clients and the Internet and is
integrated with AD so it can manage access to the Internet based on users, groups, IP addresses, etc.
The closest you can come without a proxy is to configure a proxy server address for those users using the Internet Explorer Maintenance component (found under User Configuration\Windows Settings). This proxy can either be a non existent address or
if you want more control over the error messages users get, it can be an internal web server with a page that provide a custom message. The same configuration will allow you to list specific URLs that are exempt in case you have specific web sites, internal
or external that must be available.
Note that this option will apply to all browsing, internal and Internet based, but will only impact IE. Internet access using other browsers or other software will not be impacted unless that software leverages the IE proxy configuration (which many
applications do).
Hope this helps,
Guy

SAP_COLLECTOR_FOR_PERFMONITOR - canceled only at specific time

Hi All,
Job SAP_COLLECTOR_FOR_PERFMONITOR is scheduled hourly on ECC system.
All jobs are finished successfully in a day but only at specific time its getting failed.
Recently we have upgrade the support package of SAP_BASIS & SAP_ABP from 05 to 13. After then we are getting this error message.
In ST22 we getting ABAP dump for job:-
Runtime Errors         LOAD_PROGRAM_NOT_FOUND
Date and Time          27.08.2014 12:19:42
Short text
     Program "RSORA811" not found.
What happened?
     There are several possibilities:
     Error in the ABAP Application Program
     The current ABAP program "RSCOLL00" had to be terminated because it has
     come across a statement that unfortunately cannot be executed.
     or
     Error in the SAP kernel.
     The current ABAP "RSCOLL00" program had to be terminated because the
     ABAP processor detected an internal system error.
Error analysis
    On account of a branch in the program
    (CALL FUNCTION/DIALOG, external PERFORM, SUBMIT)
    or a transaction call, another ABAP/4 program
    is to be loaded, namely "RSORA811".
    However, program "RSORA811" does not exist in the library.
    Possible reasons:
    a) Wrong program name specified in an external PERFORM or
       SUBMIT or, when defining a new transaction, a new
       dialog module or a new function module.
    b) Transport error
How to correct the error
    Check the last transports to the R/3 System.
    Are changes currently being made to the program "RSCOLL00"?
    Has the correct program been entered in table TSTC for Transaction " "?
    If the error occures in a non-modified SAP program, you may be able to
    find an interim solution in an SAP Note.
    If you have access to SAP Notes, carry out a search with the following
    keywords:
    "LOAD_PROGRAM_NOT_FOUND" " "
    "RSCOLL00" or "RSCOLL00"
    "LOOP_AT_SYSTEMS_AND_REPORTS"
System Details :-
SAP Version - SAP ECC 6.0 EHP 4
Oracle DB - 10.2.0.5.0
OS- HP UNIX 11.31
Kernel Release 721 - patch level 201
Please suggest for solution
Regards,
Ajay Asawa

Hi Ajay,
If any job is failing at a particular time, you should look for other changes happening in you system.
Perhaps, any other job running causing problems.
Alos, refer: 1841778 - LOAD_PROGRAM_NOT_FOUND in RSCOLL00
Regards,
Divyanshu

Can I disable photo stream only on specific WIFI connection?

Hi,
I just purchased a mobile router with a data limit 50MB/day for my old iPhone 4.
This iPhone 4 only connects to WIFI network.
I like photo stream and want to keep using it with my unlimited family WIFI network, but, the problem is when I connect it to my mobile route through WIFI, the photo stream won't stop working. That cause my 50M/day plan runs out in a minute.
So, is there a way to disable photo stream only on specific WIFI connection?
I tried iPhone Configuration Utility and it seems not have a function like that.
Thanks in advance!

Welcome to the Apple Community Katie.
It is the purpose of photo stream to sync all photos to all devices, the only way to remove the photos from the computer without affecting other devices is to turn photo stream off.

Ethernet cable internet access only No WiFi in hotel MBA user

Am assuming I need to carry my own Airport Express with my MBA as I am in a hotel that has ethernet cable internet access only - no WIFI? If so, what do I need to know about how to get MBA and Airport Express to "talk" to each other in these types of hotel situations?
Thanks for your assistance
PEM

Hi Elegba,
Curious... did you consider the USB Ethernet adapter for the MacBook Air? A whole lot cheaper of a solution for a hotel without WiFi. Not to mention, I've found (after initially struggling to justify the purchase) that I use mine more than I originally thought.
However, to answer your question. You'll connect the Ethernet to the AirPort Express Base Station and configure it via the AirPort Utility on your MacBook Air. It's very straight-forward and you'll be creating a wireless network. You may need to first get setup with your 'in room' connection, though, I know most hotels have a proxy connection for web access. While you should still be able to setup the Express, it's just something to keep in mind.

DIsable smtp auth only for an ip

Dear gurus,
I have sun messaging server 6 running perfectly alright and only new thing which I would like to incorporate is to disable smtp auth only for one ip address.I am new to this system and have gathered following information from sun messaging docs, the steps which I followed..
1) Create a table DISABLE_SMTPAUTH_IP similar to INTERNAL_IP mapping table in mapping file
INTERNAL_IP
10.18.18.19 $Y
10.18.18.38 $Y
10.18.18.30 $Y
127.0.0.1 $Y
* $N
! Added on 01092008 for disabling smtp_auth
DISABLE_SMTPAUTH_IP
external.ip.addres $Y
*$N
2) ALLOW PORT ACCESS
*PORT_ACCESS
*|*|*|*|* $C$|DISABLE_SMTPAUTH_IP;$3|$Y$E
*|*|*|*|* $C$|INTERNAL_IP;$3|$Y$E
3) Then right after the current rewrite rule in imta.cnf file Created new TCP CHANNEL
! Do mapping lookup for internal IP addresses
[] $E$R${INTERNAL_IP,$L}$U%[$L]@tcp_intranet-daemon
added a new rewrite rule:
! Do mapping lookup for "no smtp auth", non-internal IP addresses
[] $E$R${DISABLE_SMTPAUTH_IP,$L}$U%[$L]@tcp_nosmtpauth-daemon
! ttcp_nosmtpauth-daemon
tcp_nosmtpauth-daemon smtp mx single_sys subdirs 20 maxjobs 7 pool SMTP_POOL nosasl nosaslserver
tcp_nosmtpauth-daemon
! tcp_local
tcp_local smtp mx single_sys remotehost inner switchchannel subdirs 20 maxjobs 30 pool SMTP_POOL maytlsserver maysaslserver s
aslswitchchannel tcp_auth loopcheck threaddepth 32 blocklimit 5120 notices 1 2 backoff "pt5m" "pt1h" "pt2h" "pt4h" destinati
onspamfilter1optin spam
tcp-daemon mumbbmr1.dataone.in
! tcp_intranet
!tcp_intranet smtp mx single_sys subdirs 20 dequeue_removeroute maxjobs 7 pool SMTP_POOL maytlsserver allowswitchchannel sasl
switchchannel tcp_auth blocklimit 2500
!tcp_intranet smtp mx single_sys subdirs 20 dequeue_removeroute maxjobs 7 pool SMTP_POOL maytlsserver allowswitchchannel sasl
switchchannel
!tcp_intranet-daemon
run /opt/SUNWmsgr/sbin/imsimta refresh
alternatively tried imsimta cnbuild and imsimta restart
but still i get Mail rely denied when I try sending messages from the same trusted IP without doing AUTH.
I would like to know...
1) If there is something mising or wrong in above steps
2) HOw do i check if the messages from that IP(for which smtp auth is disabled) is passing from the tcp_nosmtpauth channel...
THanks for giving your valuable time...

thanks very much shane for giving time...
Please always provide the exact version of Messaging Server (./imsimta version).
mumxxxx1 # ./imsimta version
Sun Java(tm) System Messaging Server 6.2-6.01 (built Apr 3 2006)
libimta.so 6.2-6.01 (built 11:20:35, Apr 3 2006)
SunOS mumxxxx1-a-fixed 5.9 Generic_118558-28 sun4u sparc SUNW,Sun-Fire-V440
mumxxxx1#
Why would you want to disable SMTP Authentication? What are you attempting to achieve by doing this -- what is the problem you are trying to solve?
We are an ISP and therefore sometimes required to send bulk mail, for which we are currently using perl bulk mail module script and there we specify the users in text file to send message, everytime this module try sending it get Mail Relaying denied as it doesnot supply user and passwd required for smtp auth in base64.
Therefore I wanted to disable smtp auth for an ip address using which smtp auth is not reqauired and mails should be openly relayed.
Why are all of the above entries commented out? Did you intend to disable (break) the tcp_intranet channel?
no it is not commented in config files.
+./imsimta refresh is no longer a valid comment, you need to use ./imsimta cnbuild;./imsimta restart+
as per sun mesaging server 6 admin guide it is given to be working. Alterntively I tried ./imsimta cnbuild;./imsimta restart.
Please provide the mail.log_current line that matches the attempted email delivery which was rejected.
mumxxxx /opt/SUNWmsgsr/sbin # tail -f /mta/logs/imta/mail.log_current
08-Sep-2008 13:42:19.52 7079.0fca.710096 tcp_local J 0 [email protected] rfc822; [email protected] mailserv 530 5.7.1 Relaying not allowed: [email protected] SMTP
bash-3.00# telnet mumxxxx 25 Trying 10.18.18.19...
Connected to ::ffff:10.18.18.19.
Escape character is '^]'.
220 mumxxxx.datxxxx.in -- Server ESMTP (*)
ehlo mumxxxx.daxxxx.in
250-mumxxxx.daxxxxx.in
250-8BITMIME
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-HELP
250-XLOOP 82F58AB6E3453199924062C516F2E337
250-AUTH PLAIN LOGIN
250-AUTH=LOGIN
250-ETRN
250-NO-SOLICITING
250 SIZE 0
mail from: [email protected]
250 2.5.0 Address Ok.
rcpt to: [email protected]
530 5.7.1 Relaying not allowed: [email protected]
rcpt to: [email protected]
Also please clarify if you want to disable the ability to perform SMTP auth or whether you want to allow email to be sent without requiring SMTP auth -- these are two completely different objectives.
No I do not want to disable SMTP auth for everyone.DEfault is it should be forced to all except from one ip. ie disable smtp auth only for an ip address.
Regards
Pradeep

How do I send SMS only at ALL TIMES with an iPhone to ALL contacts? My family shares iPads under my ID and now my teenager gets all my business texts!

How do I send SMS only at ALL TIMES with an iPhone to ALL contacts? iOS 8 now forces all Apple users to use iMessage all the time with all other iOS users. The option to send as SMS only is subordinate to iMessage in iOS 8 settings and CANNOT be turned off to send only SMS texts to another iOS device! This is a serious privacy issue for all households using iOS and doing family sharing, including over a number of iOS devices, under one member's Apple ID. Why should business conversations or financial conversations between parents be readable on an iPad in the hands of a teenager or a seven year old? The answer is not as simple as "Just don't enable iMessage on your other devices," because amy family that shares the Apple ID password is vulnerable to teenagers particularly hacking into iMessage to monitor, for example, what their parents are saying. If I were Samsung or Google I would hammer this issue immediately and continually until it is fixed by Apple (and I'm not sure why they haven't yet). iMessage is a convenience but it has this serious limitation given the architecture of the Apple universe. Apple simply cannot force all its users to conduct text messaging in arbitrarily limited way, any more than it was able to force all its users to switch from Google Maps. When will Apple fix this?

Trademann wrote:
Fox, that does not work, because then you are blocked from sending any form of message to another Apple user. iMessage MUST be activated to text any other iOS device. And then Apple defaults by ALWAYS using iMessage between iOS devices.There is simply no way, within iOS 8, to send SMS only to another Apple user. Apple has made that impossible.
The SMS-only choice used to be on the same menu level as iMessage, but now it is locked WITHIN iMessage, and is not available as a choice unless iMessage is activated. Then it is limited solely to being used if iMessage is not available.
I'm sure their argument is that they are saving their customers money because iMessage is free, but they are imposing an opportunity cost on 100 percent of their user base in the guise of saving that money. What they are really doing is entrapping faithful users such as myself further within the Apple ecosystem. If I hadn't already spent thousands of dollars on my iTunes library I might consider a Galaxy ... Samsung does not deserve to regain any momentum if they can't figure out how to exploit this.
Turning off iMessage does not prevent you from sending messages to other Apple users. You can send an SMS to any iPhone without your own iMessage turned on, even if it is turned on on their iPhone.
The SMS-only option is: Turn off iMessage. Literally. That's it.

Cellular data only for specific apps

Is there a way by which i can enable cellular data only for specific apps? Lets suppose i want only mail and viber to run on cellular. So how do i enable cellular network only for viber and mail

Hello all,
I have been using the iPhone 4S for about a year and I never had problems untill a few days back. Since about a week, my 3G settings for applications installed automatically reset.
Path >> iPhone screen >> Settings >> Mobile(Cellular) >> Use Mobile Data For >> "List of all apps installed"
Against each application, you have an option to either enable / disable the mobile data usage:
Eg:
App Store          (swipe left to disable || swipe right to enable)
Contacts          (swipe left to disable || swipe right to enable)
Facebook          (swipe left to disable || swipe right to enable)
Facetime          (swipe left to disable || swipe right to enable)
Weather          (swipe left to disable || swipe right to enable)
You Tube          (swipe left to disable || swipe right to enable)
etc...
Problem:
If I don't want You Tube to use mobile data, I would normally swipe left to disable thus the application will not start / stream any music if its on 3G/4G. Since a few days, whenever I disable the option for any app... go back to the main screen and recheck the settings, I see its enabled again!
The error I see when I start the app is:
MOBILE DATA IS TURNED OFF FOR "YOU TUBE"
You can turn on mobile data for this app in settings
<Settings>     <OK>
When I go back to settings... I see the option is enabled.
Now I dont know what and how this happened all of a sudden. I have tried resetting the network settings for my iPhone, and it has not helped me.
My iPhone is updated to OS 7.0.4 and all apps are updated.
Anyone can help me on this error and how do I fix this?
FYI... I have no problems connecting to WiFi at all!

How to change color of a button for specific time interval in jsp

How to change color of a button for specific time interval in jsp.
Please help.
Thanks in advance.

This was driving me crazy, too--and the previous answers did not seem to work. I eventually found that if I click one of the data symbols in the graph in exactly the right spot (see below), it selects only the data symbols and not the line. I can tell this because the little selection dots will be around each data symbol, but no selection dots will be on the line between the data symbols - like the graphic in Yvan's answer. Then and only then will the color symbol in the tool bar show the color of the data symbol, instead of the color of the line. I believe that you then have to first click on the color swatch in the toolbar and then select your color (or choose Show Colors and select from the color tool). Just clicking a color in the crayon box, for example, did not seem to work unless I first clicked on the color swatch in the toolbar, then clicked Show Colors on that dropdown, and +only then+ clicked the crayon or whatever.
_The right spot to click_ seems to be just above the exact center of the data symbol, at least for the diamond shape symbol that I prefer. Sometimes it takes several tries to hit the right spot. If I miss it, the whole line is selected, which is indicated by the little selection dots on the line, between the data symbols. When I click the right spot, those selection dots go away, leaving only the data symbols selected. Then I can change the color, as described above.
I hope this works for you too.

Using manual IP address only for specific networks

For my home network I use DHCP with manual address because I have to forward some ports specifically to my computer. However this causes problems when connecting to other networks. For some reason this setting stays active even when using other networks. Therefore, I can't connect to say my school network because the setting has to be set to plain DHCP. Is there a way to use manual IP address only for specific networks?

System Preferences > Network > Locations and add a location for your home with its manual settings. Add a location for other DHCP locations. Then when you want to connect at another DHCP location select that location from your locations dropdown.

Disabling user access to a specific server

Hi,
I want to disable the access of a specific user to a specific server. Is this possible?
Thanks,
Ziv

There are two things I know you can do:
1. In Server Admin, click on the server you are want to block the user from and then click on access from the row of icons at the top. For the services you want to block (from what you posted it would seem like SSH and VPN and maybe a few more) put the users that you want to have access and exclude the user you don't want to have access.
2. In Workgroup Manager, go to computers. There should already be an entry for the server (at least mine was automatically added). Click on the server computer in question and then click on Preferences, then Login, and then select the Access tab from the bar. On the Access Control List you can add the user to the list and then mark their login permissions as deny. This way they will be denied from logging on to the server.

Restricting Access only for APPS account using SQLNET

Dear Friends,
Recently we have an incident that a functional consultant has cracked the Apps password. I don't know how.
Now what we are planning is to restrict the database access to only the dba team using sqlnet.ora file and its tcp.validnode_checking parameter.
However, the problem is that we want to continue the APPSRO(which is an Apps Read Only Account) access to them.
Is there any way possible to restrict access only for a particular database user account using sqlnet.ora
please help.
Thanks.

Recently we have an incident that a functional consultant has cracked the Apps password. I don't know how.
Now what we are planning is to restrict the database access to only the dba team using sqlnet.ora file and its tcp.validnode_checking parameter.
However, the problem is that we want to continue the APPSRO(which is an Apps Read Only Account) access to them.
Is there any way possible to restrict access only for a particular database user account using sqlnet.ora
Now what we are planning is to restrict the database access to only the dba team using sqlnet.ora file and its tcp.validnode_checking parameter.
However, the problem is that we want to continue the APPSRO(which is an Apps Read Only Account) access to them.
Is there any way possible to restrict access only for a particular database user account using sqlnet.oraNo (and even if it exists, I believe this does not fix the main issue with the apps password which could be cracked again).
The proper way would be changing the apps password and meet the security requirements in these docs.
Secure Configuration Guide for Oracle E-Business Suite 11i [ID 189367.1]
Secure Configuration Guide for Oracle E-Business Suite Release 12 [ID 403537.1]
FNDCPASS Utility New Feature: Enhance Security With Non-Reversible Hash Password [ID 457166.1
Thanks,
Hussein

Photoshop Elements 11 installed on Mac Mini OS X 10.9.5. Application running successfully on bot main user and administrative accounts for considerable time with no warning messages. When established a new user account on same computer and try to call up

Photoshop Elements 11 installed on Mac Mini OS X 10.9.5. Application running successfully on bot main user and administrative accounts for considerable time with no warning messages. When established a new user account on same computer and try to call up elements receive message “Some ot the application components are missing from the Application directory. Please reinstall the application.” How do I correct this problem without disturbing application in main user account?

Brooks lansing if you create a new Administrator account does the same issue occur? If so then it is likely that there is a file permission failure and file permissions have been set for the existing Users instead of the groups they belong to.
Have you removed and reinstalled Photoshop Elements 11? This may reset the file permissions to the correct state to allow it to work under new accounts.

Disable internet access only for specific time with GPO?

Similar Messages

Maybe you are looking for