Prevent group policy from effecting local users

I currently have group policy enabled for my domain. I am doing it mainly for proxy settings. The problem i am coming across is if a user takes thier laptop home and logs in to the local computer [computername (this computer)] the group policy is coming across. How can i make it so that if they log on locally to the computer they dont use the proxy?
LVL 2
msidnamAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ian_chardCommented:
Hi,

The group policy shouldn't effect the local machine, Especially if they are not logging onto the domain.

One way to get round this would be to make a local group policy on each laptop that has no proxy server configuired. This would be applied when the user logs on locally, but when they log onto the domain, The domain policy would take precedence and set up the Proxy details.

It is possible that when the user is logging on at home, The PC still has the settings from the group policy on it, Even though it is not actually refreshing those policy settings.

Cheers

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
rhinocerosCommented:
Group policy will affect when the domain user logon their domain account (profile) on laptop, it mean the users account must be the member of OU.

However, local user account have another one profile for locally logon, that is different with domain account, and all GPO setting (include proxy setting) will not be enabled.
ian_chardCommented:
Another way around the problem is to create a batch file and put it in the local user accounts startup folder in C:\documents and settings\%USERNAME%\\Start Menu\Programs\Startup that runs the following:

proxycfg -d

This will give the machine direct internet access for that user only. You could always do this with a registry hack that runs at start up via a local policy for the local user that also modifies the hkcu internet settings to disable proxy configuration for that user, and run it alongside the proxycfg too to ensure they get direct Internet access.

Proxycfg will only work on XP machines by default, though you may be able to copy it from an XP/Windows 2003 server machine to get it to work.
Acronis True Image 2019 just released!

Create a reliable backup. Make sure you always have dependable copies of your data so you can restore your entire system or individual files.

Jay_Jay70Commented:
GPO will hold whether you log on locally or to the domain as mentioned above

i have proxy set in mine and the minute i go home and plug in to the network i get no issues, windows takes care of itself even with my proxy enabled

does your proxy screw up home internet?
ian_chardCommented:
I should have added in my above post that %USERNAME% would be the username for the LOCAL log on, and not any domain one.

Thanks
Ian
msidnamAuthor Commented:
thank you all for help. I figured that  if you log on locally it should bypass the proxy. one of our auditors was out in the field yesterday and the IT guy where she was at was saying that they couldn't get out to the internet even on a local profile. I have hidden the connections tab so I am thinking that perhaps he never tried to connect from the local profile. I tried on my laptop after I posted and even though I couldn't see the connections tab I was able to get on. I will need to check out their laptops when they get back. I will post again in a day or two. thanks again for the help everyone.
ian_chardCommented:
If you are trying to set the proxy server within the organisation without using the connection tab you can use a reg hack to enter the proxy details like this:


[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

"ProxyServer"="PROXYSERVERNAME:PROXYPORT"

Where proxyservername is the proxy server name and proxyport is the port used on the proxy (usually 8080).

Of course this will overwrite all settings so you'll have to create another reg hack to delete it when working from home and needing direct access.
rhinocerosCommented:
> she was at was saying that they couldn't get out to the internet even on a local profile. I have hidden the connections tab so I am thinking that perhaps he never tried to connect from the local profile.


Have you also enabled "Local Group Policy" on laptop ?


Jay_Jay70Commented:
i am in the same boat as you - same as i as i mentioned above. logging in localley for me gives me no issues even with a proxy set via GP at work :)
msidnamAuthor Commented:
Yea, I am thinking this other IT guy never even tried the local account once he found out that the domain account had the connection tab hidden and didnt work.

The users should be back in a couple days and i am going to try some things here since we also have a DSL line that is not attached to our network and its wireless.

I will report back in a couple days once i get those users laptops.
Jay_Jay70Commented:
cool cool

good luck - itll be fine im sure
msidnamAuthor Commented:
I'm having a tech go out today to do some testing with another laptop.
msidnamAuthor Commented:
You are not going to beleive this! The whole reason it wouldn't work is because the site where my auditors are at are themselves using a proxy! And the IT guy there couldnt tell me that when i was talking to him last week? Oh boy! Sorry for the trouble.
Jay_Jay70Commented:
oh dear....
ian_chardCommented:
LOL! It's always the one thing you don't expect.

Thanks for the points.

Cheers
Ian
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows 2000

From novice to tech pro — start learning today.