My current Windows Workplace Network need some users to have restricted access to the internet and some users to have full access to the internet.
So I used a OPENDNS as it turned out to be the most simple and yet cost effective option (as in free!) So I granted those users limited accounts and restricted groups of sites like file and video sharing, social networking, adult sites, etc in the OPENDNS control panel and point those users DNS setting to the OPENDNS.
Now I have decided to upgrade this network to Windows Server 2008 R2 environment, obviously for better management and to make use of centrallized file storage and access restrictions on the file server and I'm stuck again because I want to have some computers use the OPENDNS servers to continue the restrictions as that seems to be the easiest way to do so. But adding all computers on the network to the domain would also mean that these user would have to use the server's DNS which inturn would give them full access to the internet. Also in this latest environment some users have not to be given internet access at all (at least for the time being). Can someone help me here!
Best Answer
DNS really is not going to work for access control. As soon as a user finds out that it's possible to access sites (including proxy sites) by IP address, it's all over.
If you are looking for a free community web filtering platform, you might consider Untangle.