hi everyone,

i am hired as a personal programmer of a company and basically know a little bit about networking just like connecting computers, mapping drives, setting up usernames and passwords, basic router configurations, and minor hardware/software/operating system troubleshooting.

what i wanna happen in our office is to have a dedicated server for all computer terminals. i want to make a proposal that :

1) everyone must login to the server before using the computer.
2) limit internet access - depending on the position of the employee (e.g. staff, supervisor, managers, executives) and / or we can control them that during office hours no one must access non-work related sites.
3) suppress downloading / installing programs to computers.
4) allowing / disallowing modifying system's default configuration (windows apeaance, backgrounds, start menu items, folder options, right clicks, enabling /disabling menu items)

btw, we're using windows2003 as our server. some clients use windowsXP and some use windows98. my problem with the network setup here is that our server is just considered as a server because all programs reside there and are just mapped in each computer terminal. but in reality, it does not have any control to its subordinates.

thanks in advance
- hayunna ;)

11 Years
Discussion Span
Last Post by Inky

Sounds like an Active Directory Domain and an ISA Server would do just fine in that environment.

Before you go crazy make sure you research these technologies. You stated you know "a little bit about networking"...these may require a bit more than that.

Active Directory will allow you to control every object within the domain from a centralized source, and ISA Server will act as a proxy to allow/restrict/observe traffic inbound and outbound.

I'm a bit favorable to MS, but there are other options available to replace ISA server that are cheaper and just as secure, although you will lose the MS Active Directory scheme of things running an application such as IPCop. www.ipcop.org



I agree with Jon, AD is the way to go. Research it! Work all the bugs out of DNS before trying to install AD. Also, in order to dynamically assign IP addresses, I'd set up DHCP if it's not already. I managed to pull this off with no formal training in networking or in Windows Server 2003 so it can be done!


thanks to both of you guys...so i will need to do some research on those keywords: (in fact, they are jargons for me, being at the starting point) Active Directory Domain, ISA Server and DHCP..that's great! i'll work it out...but i'm looking for a page or a site that can walk me through these stuff or a quick jump on where i wanna be would be very helpful...

thank you very much Jon and Christian



Try these keywords:
Active Directory (AD);
Domain Name System / Domain Name Server / Domain Name Service (DNS);
Dynamic Host Configuration Protocol (DHCP);
ISA Server.

If you can't find on the web what you need, pick up a good book like Mastering Windows Server 2003 by Mark Minasi, et al.


Don't forget about Group Policy too :)

Group Policy is what you're going to need to put into place about half of those goals you originally listed. Microsoft has a few exams on these different technologies, if you were to pick up a MS Press Training Kit would probably do you well. Remember, sometimes you can find the PDF version of the books on ebay.

Here are the applicable ones...

70-290 MS Server (Intro to AD and DHCP)
70-291 MS Server Infrastructure (DNS, DHCP heavy)
70-299 MS Server 2003 Network (AD, Authentication, etc)
70-350 MS ISA Server 2004

Hope this helps!


hi inky and cutepinkbunnies,

i truly appreciate all the help..i will surely take note of these things.

thanks again

- hayunna

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.