internet problem
in our network sometimes internet explorer gets error access denied(policy_denied) and it corrects automatically after sometimes . when it gets error , we cannot ping ip of that computer from another computer . but from that computer to other computer is ok .
Last Comment
Sekar Chinnakannu
try with some other browser if its working fine then check your proxy setting in IE., uncheck automatically detect settings.
ASKER
it is not browser issue or computer issue . same with different browser and different computers . it happens only for active directory users with proxy server
check any new security settings on your network is prevented. Else network team could be trying a new policy or a proxy server to check the Usage.
denied(policy_denied) is an error when your proxy server denies your request to a web page. This can be due to the rules configured in the proxy server, or the proxy admin playing with policy or if your proxy give u access based on user authentication via active directory, and your userid might not be there in the internet allowed group/ID
ASKER
hello ujitnos,
this error comes only sometimes , all other time internet works .
yes, happens. It might also have to do with how your proxy is configured. It happens if you change from a Wireless to LAN connections is your proxy is set in a particular way.
Does it happen only for you or all users? If its for all users then its definitely a rule in the proxy thats doing this.
Are you managing the proxy ? If not did u try contacting the proxy admin ?
Does it happen only for you or all users? If its for all users then its definitely a rule in the proxy thats doing this.
Are you managing the proxy ? If not did u try contacting the proxy admin ?
ASKER
it happens for different active directory users ..so many users. some users it gets everyday .
we have bluecoat , mcafee and also group policy internet timing rule . it was noticed that when problem happens we cannot ping ip of the computer , but computer can ping other ip . a firewall block . but it is not computer problem as formatted computer also it happened
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
hello activedirectoryman,
if it is issue with rule of bluecoat , why it happens only sometimes . by policy trace what can be find out ?
policy trace is simply a debugging tool that is enabled for troubleshooting access to websites. if the website should be allowed but its denied or if its allowed but should be denied then using policy trace is the best way to diagnose the issue.
Yes i too have observed this with Bluecoat proxy.
Create a last rule for any to any and action as "none" . Now create a "track".
Go to https://<ipaddress>:8082/policy and select the tracker name. go through the log and see which policy is causing this.
Create a last rule for any to any and action as "none" . Now create a "track".
Go to https://<ipaddress>:8082/policy and select the tracker name. go through the log and see which policy is causing this.
ASKER
does it mean some policy rule in blue coat making error some times "access denied(policy_denied)" ?
does it make any issue with group policy on active directroy ?
note : only some time for different users at different times
with group policy u r pushing the proxy setting to user. How is the authentication set in Bluecoat, IWA and BCAAA ? Check the global settings in IWA.
the error definitely say that a policy is blocking the access.
If u have one rule that defines a set of Active directory users access to the internet and a rule below it to block access to any other user, its possible that due any given reason the user ID is not populated in the set of users who has internet access, and so the traffic is being blocked by the rule below it.
the error definitely say that a policy is blocking the access.
If u have one rule that defines a set of Active directory users access to the internet and a rule below it to block access to any other user, its possible that due any given reason the user ID is not populated in the set of users who has internet access, and so the traffic is being blocked by the rule below it.
we cannot ping ip of the computer - what do u mean by this ? You cannot ping the user system when this error appears ? are u pinging with hostname or IP address, when u say that you are not able to ping.
ASKER
from another computer i cannot ping computer which has problem
i can ping any ip from the computer which has problem
as you mentioned
its possible that due any given reason the user ID is not populated in the set of users who has internet access
what reason may be
i can write in detail error
"Access Denied (policy_denied)
Your system policy has denied access to the requested URL.
For assistance, contact your network support team.Your request was categorized by Blue Coat Web Filter as 'search engines' "
but everything ok sometimes and sometimes get same error
Ok.. when the issue happens can u ping the proxy from the system which has the issue? also do a telnet on the proxy port from the system that has the issue.
telnet <ip address> <port>
see if u are able to connect (get a blank screen or a banner). If u are able to telnet and still get the error, you will need to go through the logs (policy trace) for the user when the issue happens.
telnet <ip address> <port>
see if u are able to connect (get a blank screen or a banner). If u are able to telnet and still get the error, you will need to go through the logs (policy trace) for the user when the issue happens.
ASKER
able to ping
but telnet is not sure
but telnet is not sure
Microsoft Legacy OS
The Microsoft Legacy Operating System topic includes legacy versions of Microsoft operating systems prior to Windows 2000: All versions of MS-DOS and other versions developed for specific manufacturers and Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions, and Windows Mobile.
55K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
