• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 344
  • Last Modified:

active directory 2003 organizational units

i have an active directory domain - with windows 2003 servers. i have a few organizational units with different group policies. now i need to have everyone go through my squid proxy server. i want the laptop users to use the proxy in the domain, but not when they are traveling. is there a way to do this?
0
JeffBeall
Asked:
JeffBeall
  • 3
  • 2
2 Solutions
 
Justin OwensITIL Problem ManagerCommented:
Not really.  You can set a top level GPO to set your proxy server for all your OUs easily enough.  What you CAN do is have your laptops in a different OU and not enforce it there, that way they can change the setting manually.  When the come back to the office, it will revert (GPO Allies again), but when they leave, they can change it to none.  That is how we accomplish it at my current location.

DrUltima
0
 
JeffBeallAuthor Commented:
i'm not concerned with getting the policy out to everyone - i'm more concerned with laptop users not going through the proxy outside the domain.
0
 
JeffBeallAuthor Commented:
i just had a thought - i could have an OU for laptops that doesn't have the proxy policy - then through their login script - make it so they use the proxy.
only problem is i don't know how to script. the current login "script" is a simple batch file that sets up the network shares.
would this be possible?
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Justin OwensITIL Problem ManagerCommented:
Yes, but to make it transparent to the end user, you would also need a log off script to turn the proxy back off.  Batch itself cannot do it, but it can import registry settings which can:

http://www.experts-exchange.com/Programming/System/Windows__Programming/Q_21069499.html

This Question details how to accomplish through Batch registry manipulation.
0
 
xylogCommented:
You can set your browsers to autodetect and use WPAD -> http://en.wikipedia.org/wiki/Web_Proxy_Autodiscovery_Protocol Either using a DNS entry called wpad or a DHCP option. When off the network they will not resolve the DNS entry or have the DHCP setting so they will autodetect the lack of a proxy and directly access the net. WPAD is supported in Firefox also.
0
 
JeffBeallAuthor Commented:
thank you
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now