Internet Proxy setting in Group Policy

Group Policy question for you....

I am restricting access to the Proxy Server settings in the Lan Settings area of the Internet Options>Connections tab for users(W2k and XP) of my domain(Windows 2003 Native).  This is to prevent users from circumventing the proxy and getting out to the Internet without going through the proxy and web filtering software.  This GP has one unfortunate side effect.. It also means users on laptops that connect to the domain, and then go mobile, are caching this policy and are having problems connecting to the Internet while traveling.  I have a VBS script that can be run by the users to disable the proxy settings if necessary, but I was wondering if there was a group policy setting that could disable the proxy setting upon becoming untethered from our network and re-enable the proxy setting when they connect back on again.

Thanks for the help!

Mike W.
mwaters31Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

James MontgomeryCommented:
Couple of Possibilities:

1) Set proxy via dhcp/dns. Some proxy servers support this. e.g. ISA

http://support.microsoft.com/default.aspx?scid=kb;en-us;309814&sd=tech

2)Set local policy on the laptops individually to auto discover proxy. This setting is overwritten when on the domain network, but when they are outside and cannot load group policy, local policy takes effect.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Jay_Jay70Commented:
group policy caches so the second option will not work to the best of my knowledge
0
James MontgomeryCommented:
After reading some more I have to agree the second option is not going to work.

It would seem GP processing stops if a DC cannot be contacted - and the previous settings are maintained.

A alternative would be a logon/logoff script that enables and disables proxying.
A commercial alternative desktop authority (www.scriptlogic.com) can be very granular - validating against security groups, or OU etc etc.
0
mwaters31Author Commented:
I think this will work for me.  I am using an ISA2004 firewall and the Lan clients were getting their proxy settings through a GP only.  I can now get rid of the GP for this and just use the DHCP/DNS proxy configuration.  That way when a user goes mobile, the remote DHCP/DNS system will not point them at our firewall for proxy services.

Thanks!

Mike
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.