This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!
I looked into this a while ago and could only came up with the following options:
1) Use the trusted sites in IE and the security policy to only allow trusted sites in IE
2) Use the firewall/ web filter
3) Create a .vbs file that opens an IE instance without menu bars, fixed size etc so that the user just has a simple window in which to work. The downside is that you can use F11 or CTRL-N to view the address bar or create a new instance (also manageable in the policy).
Good luck, and let me know if you find any other options as I still need something which is an improvement on 3.
I've done this for a kiosk application. I did this by:
1) Writing a keyboard filter driver which prohibits Ctrl+Alt+DEL and all the other special windows keystrokes (alt+tab, ctrl+tab etc)
2) Writing an application which used QtWebkit to create a fullscreen browser app, which filters all URL requests.
3) Writing a launcher which replaces the windows shell and automatically starts the browser application.
4) Setting all manner of registry settings to hide access to the local filing system as a matter of precaution.
It's far from trivial.
Or you could just buy sitekiosk which will do what you want!
As said, I've pretty much locked down a win 7 pro machine before just with local policies.
Yeah it's not as secure as Sn00p's efforts, but as this is a machine that you're going to be working by anyway you'll soon see if anyone is trying anything funny as to get round a lot of it is a bit of a faff
If it's a remote machine at a remote location then might take a bit more thinking about.