I've searched and found a way of doing it using the built in "Internet Content Adviser" by using a filter that blocks out everything, then allowing sites. It works, but not very cleanly. Its a per workstation thing and requires manually editing each workstation. It also breaks IE for every user that logs into the restricted PC, not just a single specific user.
IE = almost anything under that can be controlled via Group Policy if you have an Active Directory domain - per user, per computer, you name it.
Does anyone know of anything free out there that I can use as a "block all/allow specific" web filter based on user? I've never set up anything like this so something with instructions or a nice GUI would be nice. I have almost zero Linux experience but would be willing to try to learn enough to get something like this up and going if it wasn't extremely difficult.
If there's really not anything out there I'll probably just end up using the built in IE Internet Content Adviser but wondered if there was a better, more elegant way of doing it.
IMO, blocking != elegant already. When someone goes to a site and snap(!), it is already not a smooth experience and it has been documented that, especially for knowledge-based workers, pissing them off is just going to reduce productivity and make for a worse workspace environment overall. It is a hotly contested topic and let's not get too much into that. TR forums usually refer to it as the Nazi Content Filter (NCF) so it shows the feelings among some of the gerbils. For a really destructive "block", there is always the hosts file you can mess with your users like that.
Granted, if you still have your user being an admin on their systems, there are almost always workarounds.
The Model M is not for the faint of heart. You either like them or hate them.
Gerbils unite! Fold for UnitedGerbilNation, team 2630.