Parental Control options: AD, LDAP, piHole, Other



  • Was asks recently about what options he could look at to try to keep his kids on task with the up coming school year and the high likelihood of having to contin he with non-traditional instruction, ie: classes at home.

    His first though was of course some kind of Domain; costly and hardly worth setting up for a maximum of five computers.

    Another option that came up was LDAP - which I will admit I dont have much experience with.

    And then there is piHole, knowing that this is a great tool to blacklist ads, and harmful sights, but could likely be a simple solution.

    He’s recently admitted that one of the kids has managed to hack a cell phone to by-pass some or many of the parental settings that had been set.

    Costs are of course a factor ,...



  • I've installed Circle which allows to set time constraints and such. It also has safety measures for websites visited, but whether its enough I think depends on the kids using it. Boy did my wife get pissed when I set her to a max of 7 hours of being on the internet and she used it by 5pm LOL.



  • I am setting up similar for my family. PiHole along with CloudFlare family DNS on the "kids" vlan their wifi SSID is on, all other DNS requests blocked. In addition I also watch them pretty carefully when they are on-line though occasionally stuff gets through so this will hopefully help with some of the bad stuff.
    Cloudflare DNS, blocking malware and adult content:
    Primary DNS: 1.1.1.3
    Secondary DNS: 1.0.0.3



  • @krzykat said in Parental Control options: AD, LDAP, piHole, Other:

    I've installed Circle which allows to set time constraints and such. It also has safety measures for websites visited, but whether its enough I think depends on the kids using it. Boy did my wife get pissed when I set her to a max of 7 hours of being on the internet and she used it by 5pm LOL.

    😝

    I'd probably get beaten!



  • @gjacobse said in Parental Control options: AD, LDAP, piHole, Other:

    Was asks recently about what options he could look at to try to keep his kids on task with the up coming school year

    What does this mean exactly?

    The Cloudflare for families as others have mentioned will only help to keep the kid off of porn and malware sites.

    I think you need to define what "keep kids on task" means. If it means only allow school work and that's it, then an "allow list" (trying to stay PC) will help the most.



  • @WLS-ITGuy

    It was pretty F'ing funny. I knew it would happen and I just blamed - Hey - I have to test out all the potentials. Then followed it up by how can we expect the kids if we don't set the example.

    As far as locking things down, it hard, because then they say they need to do research for a project and such. Keeping an eye on them and reviewing the history and good communication skills is important.



  • I think he should go after the wifi/internet connection. So restrictions are made in the router and not on the devices. Use the mac address to put devices in different groups with different restrictions.

    To keep the kids on track, allow internet only at certain times, block sites that are distracting during school hours, etc. That kind of stuff.

    If they have a schedule and they know what restrictions are in place, they can plan their school work around it. For instance if youtube is only allowed one hour in the afternoon any projects that need youtube could be done then.



  • @Pete-S said in Parental Control options: AD, LDAP, piHole, Other:

    To keep the kids on track, allow internet only at certain times, block sites that are distracting during school hours, etc. That kind of stuff.
    If they have a schedule and they know what restrictions are in place, they can plan their school work around it. For instance if youtube is only allowed one hour in the afternoon any projects that need youtube could be done then.

    If you can't trust the kid to get school work done when it's the time and place to get school work done... I think there are bigger issues to fix first TBH.



  • Sounds like a technical solution to a HR problem 😛

    Have school work done in a common area.
    Monitors visible from/facing walk ways.
    Pi-Hole or something similar to filter out nastiness,



  • @gjacobse said in Parental Control options: AD, LDAP, piHole, Other:

    His first though was of course some kind of Domain; costly and hardly worth setting up for a maximum of five computers.

    And how would that even affect anything? What does he think that a domain does?



  • @gjacobse said in Parental Control options: AD, LDAP, piHole, Other:

    Another option that came up was LDAP - which I will admit I dont have much experience with.

    What did he mean by domain if not LDAP? AD Domains are just the Window's brand of LDAP domain.

    I'm confused as to what he thinks these things are. They are ways to handle authentication across multiple machines to make the management of user accounts easier. Neither here nor there to the discussion.



  • @gjacobse said in Parental Control options: AD, LDAP, piHole, Other:

    He’s recently admitted that one of the kids has managed to hack a cell phone to by-pass some or many of the parental settings that had been set.

    By "hack" did he mean "reset" or "knew the password"?



  • @gjacobse said in Parental Control options: AD, LDAP, piHole, Other:

    Was asks recently about what options he could look at to try to keep his kids on task with the up coming school year and the high likelihood of having to contin he with non-traditional instruction, ie: classes at home.

    Nothing much to be done here. Just need to be parents and motivate them. Our kids have always home schooled and we've never needed any tech to keep them on task. They'll just stare out the window if you let them.



  • @gjacobse said in Parental Control options: AD, LDAP, piHole, Other:

    Was asks recently about what options he could look at to try to keep his kids on task with the up coming school year and the high likelihood of having to contin he with non-traditional instruction, ie: classes at home.

    His first though was of course some kind of Domain; costly and hardly worth setting up for a maximum of five computers.

    Another option that came up was LDAP - which I will admit I dont have much experience with.

    And then there is piHole, knowing that this is a great tool to blacklist ads, and harmful sights, but could likely be a simple solution.

    He’s recently admitted that one of the kids has managed to hack a cell phone to by-pass some or many of the parental settings that had been set.

    Costs are of course a factor ,...

    We have a domain here at home. But then, I'm in the industry. 😉

    We also have a SonicWALL TZ300 set up with security and site monitoring.

    DC DNS is set to check OpenDNS (we have a subscription). Root Hints are disabled.

    DC provides DNS for the home network. Firewall is set to allow TCP/UDP 53 from the DC only (this is default for client setups anyway).

    This catches about 90% of everything that could possible. OpenDNS helps with the search stuff too. It filters out stuff they should be seeing.

    We have Microsoft Family set up on all of the kid's machines.

    NOTE: Tech companies have deemed themselves owners of our kids. How? When the kid turns 13 they can turn off monitoring. I was right p*ssed off when I figured that out as I wasn't getting parental reports for my eldest son. That changed RPQ.

    Use Microsoft Parental Monitoring on all Windows devices. It is helpful though not perfect. We schedule device usage time.

    RULE: No. Devices. In. The. Bedroom. PERIOD
    RULE: All device work must be done such that the screens face public.
    RULE: Devices are Tools not Toys (No gaming here. Go outside, Build something, Clean something)

    Note: We home school. Our main goal was, and is, to give our kids the best d*mned education that we can versus the cookie cutter factory schools that teach closet Marxism/Socialism here. Eldest daughter is an amazing artist at 16, 13yo son is into REVIT, Fusion 360, SolidWorks, stress engineering and more, while our youngest just is. They are turning out great.


Log in to reply