Re: BHO that filters out pages
You should be able to find a proxy service that uses Windows Integrated
Authentication so that the user account they log on to the TS with is passed
transparently to the proxy without requiring them to log in again. I'm
pretty sure ISA Server will do this, and I doubt it's the only one.
wrote on Mon, 29 Sep 2008 15:10:33 -0700 (PDT):
> Thanks for the reply. I thought about using a proxy server but the
> users are logged in to a terminal service. I explored some proxy server
> solutions but they all required the user to sign on a 2nd time to be
> able to get to the internet.
> I believe I can I use GPOs to prevent users from not loading the BHOs,
> as the users won't have any admin capability. Does this make sense?
> On Sep 29, 5:01 am, "Daniel Crichton" <msn...@worldofspack.com> wrote:
>> arma...@highseascs.com wrote on Sun, 28 Sep 2008 15:42:04 -0700
>>> Hello all,
>>> In our environment we have two login modes: internet and
>>> Internet users can browser anywhere, non-internet users cannot. The
>>> distinction between the two is whether they have agreed to pay the
>>> charges. Furthermore, the non-internet users should be able to
>>> browse a few chosen web sites, for free.
>>> I was reading about BHOs and it seems they can trap browser events.
>>> I am wondering if I can trap the BeforeNavigate and change the
>>> URL to some other one if the target URL is not approved for that
>>> I have written code for a webbrowser control, and I could easily do
>>> that. Now I would like to do this from within IE.
>>> So, is it possible to modify the target URL event in IE using a BHO?
>> Would you not be better off looking at a proxy server and controlling
>> access at a central point? I'd be very wary of using a BHO for this,
>> both for performance reasons and the ability to circumvent pretty
>> easily - running
>> IE in no-adds mode would mean no BHOs are loaded and so your
>> non-internet users have no restrictions. By having all outgoing
>> access (assuming that you're using a LAN of some kind and can control
>> the outgoing connections)
>> routed via a proxy (block outgoing connections for web traffic except
>> from the proxy, and set up the browser on each PC to connect via the
>> proxy) you have central control that cannot be circumvented, and this
>> will probably be easier to manage too.