I know this is a long shot, but figured I'd ask anyway. We have a group policy object that points everyone to a pac file to go through Scansafe for internet access, so in Internet Options, "Use Automatic Configuration Script" is checked and the address listed. In the GPO, we also have enabled "Disable Changing Connection Settings" so that people can't go in to Internet Options and uncheck the auto config script setting. All works well.
BUT, it would be nice if there was a way for administrators to be able to change the connection settings for trouble-shooting purposes. I know I could set up another OU for admin users and then only have the "Disable Changing Connection Settings" apply to everyone else, but that would only work when the administrator signs in to the computer with their user id. If I'm trouble-shooting why a user is having some random issue, it doesn't usually help to have them sign off and sign myself in. And I know I could change the setting in the group policy to allow access to the connection settings while I am troubleshooting, but that's annoying too. It would be great if I could just put in a password somewhere while the user is signed in, and then have access to change the connection settings. (Sidenote -- because of our dumb Lotus Notes databases, everyone has to belong to the local adminstrator group on their computer).
Anybody know of any way to set up group policy to be able to bypass the settings based on a password or something?