Hi guys I'm trying to lock a Windows 8.1 RT tablet down to one website but I'm struggling. Does any one have any idea how to do this? Thanks
when you say lock what do you mean? for example would just hiding the address bar work, or is the end user more savvy than that? have you tried this: http://www.thewindowsclub.com/password-protect-the-use-of-internet-explorer
I don't think there is an easy way, but it seems like you might be able to use a slightly hacky method to make Content Advisor block every site except those you white list: https://gemymar.wordpress.com/2012/03/06/block-all-websites-in-internet-explorer/ I don't think Content Advisor is enabled by default in IE11 so you'd have to enable it first: http://www.thewindowsclub.com/enable-content-advisor-internet-explorer-10-11
It's going in a takeaway to show incoming orders so I don't want the staff checking Facebook when I'm not there. I've enabled the content advisor and tried a proxy too the problem with both is that the browser tries and then eventually fails which makes using the site very slow to use. I want to just straight block everything RT doesn't seem to have a firewall built in like other versions of Windows otherwise I would block everything with the firewall.
Depending on what your site uses for incoming orders, you could maybe statically assign the IP details for the device and make sure no DNS is entered. Then in the HOSTS file create an entry which points the website you want to use to its IP. If they try to go anywhere else it'll just fail as there no DNS but should still access your website you want access to or this might work (https://security.berkeley.edu/conte...site-whitelisting-microsoft-internet-explorer) then lock down the proxy configuration with local group policy? I've no experience with Windows 8.1 RT specifically so I'm not 100% on how much 'normal' Win8.1 Group policy is available in there
It's just a website that updates with new orders and makes a sound to draw attention. I don't need to make IT professional proof it's just to stop people casually using the tablet for anything else. I look into the white list proxy config
The easiest way to do this will be to make a bogus proxy under lan settings in the internet options, then put the allowed site in the exception list. Of course, if they know where to look it will be quite trivial to bypass it. If you wanted to do it right, I would suggest setting this blocking up at the gateway. Perhaps look into what options you have if any on whatever you are running, there may be something there. Otherwise, perhaps setting up something like a cheap cobbled together machine and install untangle on it would be a way to go.
I've set up a 'Kiosk' account on the tablet with access control so the only app that will launch is IE you can't even get the start menu up. If you could lock out the address bar it would be perfect but that isn't an option on the app. I'm using a MiFi device from EE to get online which is coming on Monday so until that comes I don't know what the set up options are.
Have you tried running ie in kiosk mode as per this article? https://support.microsoft.com/en-us/kb/154780
That works almost perfect but you can still press the start button and get to other programs including opening another instance of internet explorer. Is there a kiosk mode for the metro app? If there is that will solve all of my problems.
As IvanIvanovich has already mentioned, you can set up a non-existent proxy and put the site you want to access in the proxy exceptions list.
I've done that, works well for stopping other sites being loaded but the kiosk mode is a better solution as there is no address bar. If Kiosk mode works on the metro app I will have a perfect solution because with the assigned access absolutely nothing else can be loaded
follow this kb to disable the start button. A advise you leave alt tab in place if you ever need to get out of the full screen ie else you may have trouble. https://support.microsoft.com/en-us/kb/216893
I solved my problem by writing a Power Shell script and a batch file to launch it at start up. The tablet boots up auto signs in, the batch file calls the script which kills explorer and launches Internet Explorer in kiosk mode. By killing explorer the start menu is disabled and none of the Windows gestures work so there is no way to start any other programs. Pretty much a perfect kiosk locked to one domain, thanks for the input guys.