Censornet - internet filtering on your terms

Windows Server 2008r2 compatibility

July 19, 2011 • Customer Services       

Synopsis

Article

Users should upgrade to the latest version of CensorNet Professional and then switch to Transparent Kerberos authentication mode under System -> Configuration -> Authentication. Please read the following section carefully.

REQUIREMENTS: Transparent Kerberos is only compatible with IE7 or above, Firefox, or Safari on MacOS? X 10.4.

NTLM USERS: If you have previously used NTLM, then you must delete the "censornet" machine record in Active Directory Users & Computers under the Computers folder first.

DNS: After switching to Transparent Kerberos, it is important that your browser's proxy settings references the CensorNet server with its fully qualified domain name (FQDN) rather than IP address.

Log in to the CensorNet server as root and type:

hostname -f

This will return the FQDN, e.g. censornet.local

You should ensure that computers on your network can resolve censornet.local to its IP address. Verify this by opening a command prompt and type "nslookup censornet.local". If it returns the IP address then it can resolve the hostname correctly. If not, you will need to add a forward facing record in your DNS server to resolve the FQDN to the correct IP.

You should now issue a group policy update to change Internet Explorer proxy settings to use censornet.local port 8080 as the web proxy, rather than the IP address used previously.

Related articles