Proxy Server settings from W2K domain policy

Posted on 2004-09-07
Last Modified: 2010-03-18
We use W2K AD domain policy to set our IE proxy server settings. Until recently we use ISA Server 2000 locally on one of our servers, but have now changed to an off site url for the proxy. Most of the time users log on and get the correct settings, but sometimes the old settings reappear! I have uninstalled the ISA Server software so where can this be coming from?

We don't have "automatically detect" enabled. Sometimes you can untick the incorrect proxy settings, reboot, and it comes good, but sometimes everthing is greyed out and we have to use regedit to clear out the incorrect settings. All the DC servers are synced and all have the correct settings so I'm baffled as to where the wrong settings are coming from !!
Question by:proneill
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
LVL 11

Expert Comment

ID: 12000144
hmm.. try making a policy disable the old policy , then have a policy later enable it.  I think once all clients are switched over it will be corrected.
Its not spiratic on the same pc's is it?  

also what if you forward the DNS to the extrnal host

Author Comment

ID: 12015656
Thanks for your response. Not sure how I would make a policy to disable - it only allows for enabling in the GP Proxy Settings.

I don't know what spiratic means but on the same pc it can be ok on one user's logon but not another.

Our dns is internal except for our web site and mail settings which are done on an external host. I can't make any changes to this setup

Author Comment

ID: 12015674
I've just realised what you probably mean - put the settings so that there's no proxy, then later re-enable it. I'll give this a try!
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

LVL 11

Expert Comment

ID: 12017081
hehe I spell wrong because I say things wrong.

spiratic=sporadic  :D

meaning... does it work sometimes with the same user, and not other times.

also try putting a logon script in the problematic GPO.

make it say

net send "yourcomputername" %username% GPO success on %computername%

it will give you a popup window on your pc if the script is executing.  Or simply put a pause in it, so it will stay visable.

and you can confirm its running


@echo Applied GPO Test
@echo If you see this message the client has successfuly applied GPO "GPO Name"

Just ideas for troubleshooting.  
LVL 11

Expert Comment

ID: 13168143
did my suggestion work?

Author Comment

ID: 13181418
Had to pay Microsoft to investigate this one. Turned out to be a synch error on one of the DCs
LVL 11

Expert Comment

ID: 13182951
ahh.. been there.

Were you able to repair it or did they make you reload the servers?

They tried to get me to reload, but I said no, then suddenly they came up with a solution :)

Accepted Solution

modulo earned 0 total points
ID: 13190524
PAQed with points refunded (250)

Community Support Moderator

Author Comment

ID: 13190776
This was the gist of the registry hack:

HKey Local Machine\System\CurrentControlSet\Services\NTFRS\Parameters\Backup\Restore\ProcessatStartup. If there is not an entry forBurflags create one, edit, menu,new dword value, Burflags, OK. If there is one, r-click, modify, type d2 in value data box, OK.

The net stop NTFRS, net start NTFRS.

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nslookup is a command line driven utility supplied as part of most Windows operating systems that can reveal information related to domain names and the Internet Protocol (IP) addresses associated with them. In simple terms, it is a tool that can …
Enterprise networks where VoIP phones have been deployed frequently use port configurations that allow both a computer and an IP phone to be plugged into the same switch port but use different VLANs. On Cisco equipment I'm referring to the "native V…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor ( Top Charts is a view in which you can set seve…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question