Solved

Can I configure proxy information via Login Script

Posted on 2006-11-13
10
2,639 Views
Last Modified: 2007-12-19
I've just implemented an IPrism to my network and I have it configured in proxy mode.  Is there a way via login I can configure proxy information in IE?  I'm running SBS Small Business Server.  Thanks in advance.
0
Comment
Question by:GTKINC
  • 5
  • 3
  • 2
10 Comments
 
LVL 7

Accepted Solution

by:
CharliePete00 earned 250 total points
ID: 17932266
Yes you can configure proxy via a logon script but going the GPO route will be much easier.  The policies you want are located under:

User Configuration\Windows Settings\Internet Explorer Maintenance\Connection\Connection Settings

Good Luck and Enjoy
0
 

Author Comment

by:GTKINC
ID: 17932443
I'm not currently running any GP's on this domain.  I'm fighting implementing them so far.  I'm sure the day is coming though.
0
 
LVL 7

Expert Comment

by:CharliePete00
ID: 17932622
Try adding the the following vbs code to your logon scripts:

myProxyServer="myproxy"
myProxyPort=80
for each Obj in GetObject("winmgmts:{impersonationLevel=impersonate}").InstancesOf ("win32_Proxy")
      result = Obj.SetProxySetting(myProxyServer,myProxyPort)
      WScript.Echo "SetProxySetting() returned = " & result
next

0
 
LVL 7

Expert Comment

by:CharliePete00
ID: 17932631
But be sure to look into GPOs...When used properly they can be an Administrator's best friend.
0
 

Author Comment

by:GTKINC
ID: 17932641
Kewl.  I'll try that and repost.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 6

Assisted Solution

by:manicsquirrel
manicsquirrel earned 250 total points
ID: 17934689
You can attach proxy information in your DHCP server, so that when a client requests a DHCP it also gets the proxy information as well.  Then, you need set 'Automatically detect settings' in your browser.  This will affect all devices requesting DHCP, not just ones joined to your domain.

http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol
http://www.isaserver.org/tutorials/Automating_the_Configuration_of_the_Firewall_Client_Part_1.html

Even though the later article is about ISA, the DHCP server configuration is irrespective of the firewall used.  The bottom half of the article is a step-by-step on adding a wpad entry to the DHCP server, albeit on a Windows 2000 Server.  However, the differences are too minor to matter.

IPrism supports WPAD and PAC files according to their administrators guide:

"Preparing for Direct Authentication
If you decide to use Direct Authentication, you must configure the web
browsers on your network workstations appropriately. You can find instructions
for doing this in Appendix B, “Configuring Browsers for Authentication”
on page 227. This can also be done automatically by using the WPAD
protocol (Internet Explorer’s automatic proxy settings) or a proxy pac file
(Proxy Automatic Configuration)."
0
 

Author Comment

by:GTKINC
ID: 17935722
This would work well as I have some users who are "guest" and are not joined to the domain but they all use DHCP.  I'll try the above and repost.
0
 
LVL 6

Expert Comment

by:manicsquirrel
ID: 17935959
You will need to point the wpad entry to your wpad or pac script.  Unfortunately, I'm not versed on creating the script myself.  I use ISA server and it creates the script for me.  One reference I did find is: http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html

A sample proxy.pac file that you might use is:

function FindProxyForURL(url, host) {
    if (dnsDomainIs(host, "cr.yp.to") ||
      dnsDomainIs(host, "news.bbc.co.uk") ||
      dnsDomainIs(host, "www.boetes.org") ||
        isInNet(host, "172.16.11.0", "255.255.255.0") ||
        isInNet(host, "192.168.0.0","255.255.0.0") ||
        shExpMatch(url, "https:*") )
        return "DIRECT";
    else
        return "PROXY 172.16.11.1:8118; DIRECT";
}

The first part if the conditional statement, tests the target domain.  If the browser is trying to reaxh one of these domains (like and internal website) then it returns "DIRECT".  In otherwords, bypass the web proxy and go directly to the website, otherwise it returns the proxy address and the web browser goes through the web proxy.

BTW:  You can also create a WPAD alias in your DNS server.  If your client browser can't retrieve the proxy information from the DHCP server, it will also check for a WPAD DNS entry.  I found a better tutorial on configuring the server at http://www.isaserver.org/tutorials/Configuring-DHCP-DNS-automatic-discovery.html.

Remember, though - since you are not using ISA you will have to do a little custom tweaking.  You will have to host your auto configuration script on the server in a folder that is accessible by everyone.  If you want to host it on port 8080 just make sure you create a website running on port 8080 on your server in IIS and also remember to include the port designation in your DHCP WPAD entry.

Best of luck.  With an idea of what you want to do, you may be able to get some support from an IPrism support forum or their support staff.
0
 

Author Comment

by:GTKINC
ID: 17937818
I appreciate all of the extra input but for now I believe simply inputting the Proxy into the DHCP information should be sufficient.  Remember I'm only testing the device in Proxy mode.  Once I'm comfortable and I place it in bridge mode, I won't have to worry about proxy information.  Still waiting to return back to the site to implement some of these options.  I'm keeping my fingers crossed for the DHCP solution.  
0
 

Author Comment

by:GTKINC
ID: 18108286
Points are for your efforts as I haven't had time to try some of these things.  I will though.  Thanks for your time.
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
I’m often asked about newer and larger USB drives connected to SBS2008 and 2011 failing Windows Server Backup vs the older USB drives not failing. As disk space continues to grow and drive technology change SBS2008 and some SBS2011 end up with the f…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now