Old proxy Settings still being deployed, How?
Hey there,
We used to run a ISA2004 Box, and each users PC had settings deployed from group policy.
We changed this out for a Content filter appliance, running in proxy mode, in which i needed to change the proxy server IP etc for all clients.
This seemed to rollout to most PCs, however, as we build new pcs, or new users it seems when the logon they get the old ISA settings still
I have done a GPRESULT and confirmed the policies they are getting and double checked those to confirm they dont have any old isa settings in them, which they dont
we also use a logon script tool call desktop authority, which is just a gui driven logon script creator, and i checked in the profiles of that tool also, and there are no proxy settings being deployed at all from it
so its definetly from GP, is there any way to audit i guess what made the change to IE ?
We used to run a ISA2004 Box, and each users PC had settings deployed from group policy.
We changed this out for a Content filter appliance, running in proxy mode, in which i needed to change the proxy server IP etc for all clients.
This seemed to rollout to most PCs, however, as we build new pcs, or new users it seems when the logon they get the old ISA settings still
I have done a GPRESULT and confirmed the policies they are getting and double checked those to confirm they dont have any old isa settings in them, which they dont
we also use a logon script tool call desktop authority, which is just a gui driven logon script creator, and i checked in the profiles of that tool also, and there are no proxy settings being deployed at all from it
so its definetly from GP, is there any way to audit i guess what made the change to IE ?
ASKER
They all get put into the same OU yes.
they would have the same GPO applied but ive checked the settings in the GPOs and the old ISA settings no longer exist in ay
they would have the same GPO applied but ive checked the settings in the GPOs and the old ISA settings no longer exist in ay
Is it possible that the proxy settings are part of a base computer build?
ASKER
No, as new images have been created since
I think they're still getting the old proxy settings from the GPO. Try to turn off completely the proxy settings in the GPO (new and old settings), then type "GPupdate" on all the PCs to make them update the new blank setting. After that, turn it on again to point to the new content filter appliance IP, then again type "GPupdate /force".
Hope this helps.
Hope this helps.
Can you run rsop.msc on the new bulid PC's and check the IE setting and let me know
ASKER
TRied this, still no luck this still appears to be happening
By any chance were your old IS2004 proxy server name / ip address being setup on client via DHCP / DNS using a wpad.dat file???
ASKER
no, checked that also
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Whether both the new build PC's and old PC's resides on the same OU?
Or both has the same GPO applied?
Run RSOP and check the setting on the new bulid PC's