Setting up GPO for proxy settings

RockmanIT 256 Reputation points

I am trying to setup a GPO to only allow chosen users to be able to access only one website. On windows server 2019 I opened up the GPE created a new policy under my User OU and navigated to User Configuration > Preferences > Control Panel Settings > Internet Settings. Right-click and select New > Internet Explorer 10 and setup my proxy with with port 80. I then added the only website I want users to access into the Exception list. I then added my user account into the scope However this did not work for me after running a gpupdate and testing after I logged in.

As a note my server is Windows 2019 and the Workstations are Windows 11. I noticed the GPO path I used above on server 2019 is not found in the GPE path on the local machine itself so not sure how thats supposed to work if both paths dont match up. Any help with what I'm doing wrong would be appreciated

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
12,474 questions
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
8,698 questions
0 comments No comments
{count} votes

Accepted answer
  1. Khaled El-Sayed Mohamed 1,170 Reputation points

    Hi Roc

    To set up a Group Policy Object (GPO) to allow specific users to access only one website on a Windows Server 2019, you can follow these steps:

    1. On the Windows Server 2019 machine, open the Group Policy Management console. You can do this by searching for "Group Policy Management" in the Start menu.
    2. Expand the domain and navigate to the Organizational Unit (OU) where the users are located or where you want to apply the GPO.
    3. Right-click on the desired OU and select "Create a GPO in this domain, and Link it here..."
    4. Provide a name for the GPO, such as "Website Access Restriction," and click "OK."
    5. Right-click on the newly created GPO and select "Edit" to open the Group Policy Editor.
    6. In the Group Policy Editor window, navigate to "User Configuration" > "Policies" > "Administrative Templates" > "Windows Components" > "Internet Explorer."
    7. Double-click on the "Internet Control Panel" policy and select the "Security Page" option.
    8. In the right pane, double-click on "Site to Zone Assignment List."
    9. Enable the policy by selecting the "Enabled" option.
    10. Click the "Show..." button to open the list of sites.
    11. In the "Value name" column, enter the URL of the website you want to allow access to (e.g., and set the corresponding value in the "Value" column to "1" (Intranet Zone).
    12. Click "OK" to close the list of sites.
    13. Close the Group Policy Editor.
    14. Link the GPO to the desired OU by going back to the Group Policy Management console, right-clicking on the OU, and selecting "Link an Existing GPO." Choose the GPO you created earlier and click "OK."
    15. Verify that the GPO is applied to the correct users by running the command gpupdate /force on the client machines or waiting for the policy to refresh automatically.

    Make sure to test the GPO thoroughly to ensure it is working as expected before applying it to production environments.

0 additional answers

Sort by: Most helpful