I have an OU that contains only computer objects which are all Citrix servers. It is necessary to setup all of these servers so that they each meet the following single criteria with regards to proxy settings:
1) All of the servers have a permanent proxy setting that users cannot change (except admins)
Sounds pretty simple, but I am running into a few roadblocks.
I thought that I could simply create a group policy for these servers in the OU where they reside and set the proxy setting as a "machine" based policy rather than per user, then, as a test, I logged into one of the citrix servers after refreshing the policy as an administrator and I set the proxy settings. I logged out, logged in as a normal user and I did not have the settings and I was freely able to change, disable or enable the settings. Ok, plan A did not appear to work. I figured there was no point setting the USER group policy in the OU since there are no users that reside within the Citrix OU, they are instead outside in other various OU's within the same domain, but I tried it anyways, setting the proxy server in the USER config, again, this did not seem to work.
To top this off, I am slightly confused why the Computer config in the GP that I created does not have a section to actually enter the proxy settings. I know that I could probably create a custom ADM file to do this, and in fact this might be the way to go, or maybe it's overkill and there is a simple fix that I am overlooking. Or maybe.....just maybe, group policy is not the way to go?
Looking for a light at the end of the tunnel,