[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5417
  • Last Modified:

Internet Proxy setting in Group Policy

Group Policy question for you....

I am restricting access to the Proxy Server settings in the Lan Settings area of the Internet Options>Connections tab for users(W2k and XP) of my domain(Windows 2003 Native).  This is to prevent users from circumventing the proxy and getting out to the Internet without going through the proxy and web filtering software.  This GP has one unfortunate side effect.. It also means users on laptops that connect to the domain, and then go mobile, are caching this policy and are having problems connecting to the Internet while traveling.  I have a VBS script that can be run by the users to disable the proxy settings if necessary, but I was wondering if there was a group policy setting that could disable the proxy setting upon becoming untethered from our network and re-enable the proxy setting when they connect back on again.

Thanks for the help!

Mike W.
0
mwaters31
Asked:
mwaters31
  • 2
1 Solution
 
JimboEfxCommented:
Couple of Possibilities:

1) Set proxy via dhcp/dns. Some proxy servers support this. e.g. ISA

http://support.microsoft.com/default.aspx?scid=kb;en-us;309814&sd=tech

2)Set local policy on the laptops individually to auto discover proxy. This setting is overwritten when on the domain network, but when they are outside and cannot load group policy, local policy takes effect.
0
 
Jay_Jay70Commented:
group policy caches so the second option will not work to the best of my knowledge
0
 
JimboEfxCommented:
After reading some more I have to agree the second option is not going to work.

It would seem GP processing stops if a DC cannot be contacted - and the previous settings are maintained.

A alternative would be a logon/logoff script that enables and disables proxying.
A commercial alternative desktop authority (www.scriptlogic.com) can be very granular - validating against security groups, or OU etc etc.
0
 
mwaters31Author Commented:
I think this will work for me.  I am using an ISA2004 firewall and the Lan clients were getting their proxy settings through a GP only.  I can now get rid of the GP for this and just use the DHCP/DNS proxy configuration.  That way when a user goes mobile, the remote DHCP/DNS system will not point them at our firewall for proxy services.

Thanks!

Mike
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now