We help IT Professionals succeed at work.

Allow Internet Options Connection Settings Changes with Password???

608 Views
Last Modified: 2012-05-11
I know this is a long shot, but figured I'd ask anyway.  We have a group policy object that points everyone to a pac file to go through Scansafe for internet access, so in Internet Options, "Use Automatic Configuration Script" is checked and the address listed. In the GPO, we also have enabled "Disable Changing Connection Settings" so that people can't go in to Internet Options and uncheck the auto config script setting.  All works well.

BUT, it would be nice if there was a way for administrators to be able to change the connection settings for trouble-shooting purposes.  I know I could set up another OU for admin users and then only have the "Disable Changing Connection Settings" apply to everyone else, but that would only work when the administrator signs in to the computer with their user id.  If I'm trouble-shooting why a user is having some random issue, it doesn't usually help to have them sign off and sign myself in.  And I know I could change the setting in the group policy to allow access to the connection settings while I am troubleshooting, but that's annoying too.  It would be great if I could just put in a password somewhere while the user is signed in, and then have access to change the connection settings.  (Sidenote -- because of our dumb Lotus Notes databases, everyone has to belong to the local adminstrator group on their computer).  

Anybody know of any way to set up group policy to be able to bypass the settings based on a password or something?  
Comment
Watch Question

Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
Sjef BosmanGroupware Consultant
CERTIFIED EXPERT

Commented:
<sidenote>
Just my sidenote: even a (dumb) administrator should be able to find out that Notes can be configured so that the folder tree is located in a user-accessible area where no local admin rights are required (outside the Program Files folder).
</sidenote>
Sjef BosmanGroupware Consultant
CERTIFIED EXPERT

Commented:
Ah, my bad, that sounds harsher than I meant it to be...

Author

Commented:
Thanks everyone.  I will play around with it and see if I can get it to work putting admins in another OU so that the "Run As" will work.  Hadn't thought of that.  If not, might try the WPAD.  

NP sjef bosman -- it's someone else who is the Notes admin and we've had the admin necessity question for a while.  Thankfully we're slowly moving off of it anyway, so hopefully in a year the issue will go away.
Sjef BosmanGroupware Consultant
CERTIFIED EXPERT

Commented:
Hiring a proper Domino admin is a lot cheaper in the end, in 99% of all cases.
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.