Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 8653
  • Last Modified:

Group Policy Won't Update "Use Automatic Configuration Script"

We are about roll out Scansafe and point all users to the pac file that will point them to the proxy.  Our Scansafe rep told us that we could use Group Policy to do this by going to:

User Configuration > Windows Settings > Internet Explorer Maintenance > Connection > Automatic Browser Configuration

and doing the following:
 - checking "Enable Automatic Configuration"
 - entering the path to the pac file ("http://[server name]/[pac file]") in the field for "Automatic proxy URL".  (when we put this path in directly into Internet Options > Connections, it works fine)

However, once I force a gpupdate, and verify that my user is getting the group policy (through gpresult /r), it still does not show up in Internet Options, and if I check the registry, it's not there either.  I've tried enabling "Disable caching of Auto-Proxy scripts" as well on the gpo, but that doesn't help.  

I've tried the following custom adm, but that doesn't do anything either.
 
CLASS User
CATEGORY "Internet Explorer"
POLICY "Proxy Server Connection"
KEYNAME "Software\Microsoft\Windows\CurrentVersion\Internet Settings"
PART "Use automatic configuration script"
EDITTEXT
VALUENAME "AutoConfigURL"
END PART
END POLICY
END CATEGORY

Open in new window



When I look at rsop.msc and go to the Automatic Browser Configuration, it shows the correct settings as I had set them in the gpo.  On the next tab -- Auto-Cfg Detect Precedence, the gpo that this setting is in is listed first, with all gpo's showing the setting as disabled.  On the next tab -- Auto-Cfg Enable Precedence, the gpo the setting is in as at the top showing enabled, and the other gpo's show disabled.  (not sure if this matters but figured I should include it)

Anybody have any ideas why this gpo isn't updating Internet Options?  We've never had issues with GP before, and have successfully enabled standard proxies in the past, but never have worked with automatic configuration scripts before.  
0
cmg-support
Asked:
cmg-support
  • 4
  • 3
1 Solution
 
Mike ThomasConsultantCommented:
Have you ticked enable automatically detect settings and enable automatic configuration

I know the former should not be needed but for a recent deployment of a Websense Pac file config I found that I had an old corrupt legacy policy applying this setting, and for some reason it was messing with my policy, what i had to do was tick that box on the new policy AND ensure the old policy was no longer applying (removing the setting was not enough)

You can use RSOP to see if the policy setting is being overwritten by another policy.


0
 
cmg-supportAuthor Commented:
Thanks MojoTech, but that doesn't seem to have helped.  Although it shows that that policy's settings are highest priority on the second two tabs of the Automatic Browser Configuration in rsop.msc, it does show the Default Domain Policy underneath, showing disabled.  I'm wondering if because at one point, the Default Domain Policy had Automatically Detect Settings enabled, and then it was disabled later (unchecked), if that's trumping my new group policy object.  If that's the case, I don't know how to override it.
0
 
Mike ThomasConsultantCommented:
That is pretty much what happened to me except it wasn't the default domain policy si i could easily deal with it, as a test try to put all the settings into the default domain policy. If it works think about recreating the default domain policy from scracth without these settings.

0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
cmg-supportAuthor Commented:
Is there anyway around this?  My boss doesn't want anyone to touch the default domain policy.
0
 
Mike ThomasConsultantCommented:
Not that I figured out unfortunately.
0
 
cmg-supportAuthor Commented:
Update - I tested this over the weekend while no one could be affected.  I put the settings in the default domain policy, and it worked -- pushed them down to my computer.  So that was the issue.  Would be nice not to have to use that policy for these settings, but it looks like we will have to.  Thanks for the help!
0
 
cmg-supportAuthor Commented:
Just an update to this -- after much googling, I found a reference to an option "Reset Browser Settings" within GP.  If you go into Internet Explorer Maintenance on the gpo, and right click on it, there is an option "Reset Browser Settings".  Doing so erases all settings from the gpo within that category.  I made a copy of our default domain policy and then tested it out on there, and it did just that -- so that it doesn't show the Automatically Detect Settings at all.  Although I haven't done this on the real default domain policy, I'm assuming once I do that, the other gpo that I set up for the pac file won't be overwritten by the default policy anymore.
0
 
dsuskiCommented:
cmg-support  I just tested your theory and it worked.  We were having the same issue.  There was a previous config in the domain policy that was overwriting our "User" Internet Explorer Maint setting in another policy.  The domain policy was blank thus making the users settings blank.  Thanks for the tip!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now