Sign in with
Sign up | Sign in
Your question

Difference b/w Admin and User accounts when running IE

Last response: in Windows 2000/NT
Share
Anonymous
February 2, 2005 6:17:03 AM

Archived from groups: microsoft.public.win2000.security (More info?)

I have implemented several Group polices to secure a W2K Terminal server. I
used the basic and medium ADM templates (not the HI). Sorry I forgot the
exact names.
After I did this my users can not access certain web sites, such as
"www.yahoo.com" and "www.victrip.com.au". IE just locks up.
However, if I logon as the domain administrator or as a user that is a
domain admin I can access those sites.
Why is this so?
I have traced what is happening within IE and found that the sites it has
problems with are all redirected.
Can anyone point me to a registory key or policy that I can change to get it
working again? Thanks in advance.
Anonymous
February 3, 2005 12:23:43 AM

Archived from groups: microsoft.public.win2000.security (More info?)

If these were security templates and you can remember the names and where
you got them from then that may help. Sounds strange that a regular user
could not access Yahoo.com. It might be worth a try to put Yahoo.com in the
trusted web content zone to see if it makes a difference and also check
Event Viewer for any pertinent messages. -- Steve


"Trying Hard" <TryingHard@discussions.microsoft.com> wrote in message
news:4A456001-E2FD-47F0-9325-75DAF0D48420@microsoft.com...
>I have implemented several Group polices to secure a W2K Terminal server. I
> used the basic and medium ADM templates (not the HI). Sorry I forgot the
> exact names.
> After I did this my users can not access certain web sites, such as
> "www.yahoo.com" and "www.victrip.com.au". IE just locks up.
> However, if I logon as the domain administrator or as a user that is a
> domain admin I can access those sites.
> Why is this so?
> I have traced what is happening within IE and found that the sites it has
> problems with are all redirected.
> Can anyone point me to a registory key or policy that I can change to get
> it
> working again? Thanks in advance.
>
Anonymous
February 17, 2005 5:55:03 PM

Archived from groups: microsoft.public.win2000.security (More info?)

I did that and it worked. The problem as I see it is that the initial site
"redirects" me to another site/url. For "www.yahoo.com" it takes me to
"au.yahoo.com". Just imagine how many entries I would need to put in the as
trusted.

I don't understand why it should work fine for an administrator as opposed
to a normal user. The security policies are applied to the server and not the
user. Is it an IE or Windows security problem? It appears as though I need to
set something like "allow redirect for all users". I tried setting security
to LOW as a test but it made effect.


"Steven L Umbach" wrote:

> If these were security templates and you can remember the names and where
> you got them from then that may help. Sounds strange that a regular user
> could not access Yahoo.com. It might be worth a try to put Yahoo.com in the
> trusted web content zone to see if it makes a difference and also check
> Event Viewer for any pertinent messages. -- Steve
>
>
> "Trying Hard" <TryingHard@discussions.microsoft.com> wrote in message
> news:4A456001-E2FD-47F0-9325-75DAF0D48420@microsoft.com...
> >I have implemented several Group polices to secure a W2K Terminal server. I
> > used the basic and medium ADM templates (not the HI). Sorry I forgot the
> > exact names.
> > After I did this my users can not access certain web sites, such as
> > "www.yahoo.com" and "www.victrip.com.au". IE just locks up.
> > However, if I logon as the domain administrator or as a user that is a
> > domain admin I can access those sites.
> > Why is this so?
> > I have traced what is happening within IE and found that the sites it has
> > problems with are all redirected.
> > Can anyone point me to a registory key or policy that I can change to get
> > it
> > working again? Thanks in advance.
> >
>
>
>
Anonymous
March 10, 2005 8:29:53 PM

Archived from groups: microsoft.public.win2000.security (More info?)

"Trying Hard" <TryingHard@discussions.microsoft.com> wrote in message
news:650B7E56-F0F8-4508-A927-44518EECD8A9@microsoft.com...
> I did that and it worked. The problem as I see it is that the initial site
> "redirects" me to another site/url. For "www.yahoo.com" it takes me to
> "au.yahoo.com". Just imagine how many entries I would need to put in the
as
> trusted.

I see what's going on - Yahoo's redirector is getting stopped by your
default settings for the Internet security zone. You can disable META
REFRESH in a zone's security settings. Re-enable this feature for the
Internet zone in your policy, and it should get fixed.

> I don't understand why it should work fine for an administrator as opposed
> to a normal user. The security policies are applied to the server and not
the
> user.

I thought IE security policies were per-user policies, not per-computer
policies. If you have set it as a user policy, it should have taken effect
for all users on the computer, including the administrators, unless you just
set it for a specific user or group (or OU in a domain).

--
PGP key (0x0AFA039E): <http://www.pan-am.ca/consulting@pan-am.ca.asc&gt;
Prevent problems before they happen and help others avoid bad design.
<http://www.pan-am.ca/antiwindowscatalog/&gt;
!