+ Post New Thread
Results 1 to 10 of 10
Windows Thread, Odd IE proxy problems when distributed by GPO... in Technical; Hello all! I'm having some problems working out exactly whats going wrong with group policy application in one of our ...
  1. #1

    Join Date
    Mar 2008
    Location
    Norfolk
    Posts
    237
    Thank Post
    5
    Thanked 10 Times in 8 Posts
    Rep Power
    21

    Odd IE proxy problems when distributed by GPO...

    Hello all!

    I'm having some problems working out exactly whats going wrong with group policy application in one of our ICT rooms and i hope someone can help!

    We have a new filtering system that is set to apply different filters depending on which port you route traffic through. Student users have a user group policy set to route traffic through a particular port, thereby getting the correct level of filtering. This works fine all over site apart from one room where the old settings continue to apply irrespective of what I do. The old settings in question point directly to our cachepilot proxy server, by-passing the new filter, and referring internet traffic out to our broadband conection - since taking on our new filter our connection is no longer filtered at LA level, so this means that students are getting unfiltered access to the internet!

    I've run an RSOP test on a real student on a real computer in that room and the result gives what i'd expect to see - the proxy address set to our filter. This behaviour is not what happens for real, however. I've been through the policies and can't see any discrepancies; the settings are identical for all intents and purposes to a student logging on in one of our other rooms and getting the right proxy.

    I made sure that the Internet settings in group policy were tidied up when i first rolled out the proxy changes; so browser customisations on all policies apart from the one containing the proxy setting were reset. I've tried this again, with no effect. I've cleared all profiles from the PCs in question, so no old settings can be effecting behaviour; i've also edited the student mandatory profile to include the correct proxy address. Nothing yet has worked.

    I get the impression that something is blocking the computers from receiving the relevant user policy but can see no errors or behaviour that would explain whats going on or indeed give me any hints as to how to fix.

    Any ideas, please?

  2. #2

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,345
    Thank Post
    242
    Thanked 1,602 Times in 1,278 Posts
    Rep Power
    346
    Try deploying settings via GPP as well as GPO, like the example here.

  3. #3

    Join Date
    Mar 2008
    Location
    Norfolk
    Posts
    237
    Thank Post
    5
    Thanked 10 Times in 8 Posts
    Rep Power
    21
    Thanks for the hint - i've added the extra settings but to no avail. A student logging in on the computers in question still sees the old settings. Feels like the computer just isn't applying the policy at all!
    We've a mix of 2003 and 2008R2 servers - the main DC is 2003. I've made the GPP changes on a 2008R2 DC and i'm assuming this will still work?

  4. #4

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,345
    Thank Post
    242
    Thanked 1,602 Times in 1,278 Posts
    Rep Power
    346
    Yes it should still work correctly.

  5. #5

    Join Date
    Mar 2008
    Location
    Norfolk
    Posts
    237
    Thank Post
    5
    Thanked 10 Times in 8 Posts
    Rep Power
    21
    Hmm.. Getting an error on the 2k8 server when running the RSOP on this with the registry settings enabled - have applied a hotfix, but needs a restart over night to activate it. Think i'll revisit this tomorrow!

  6. #6

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,345
    Thank Post
    242
    Thanked 1,602 Times in 1,278 Posts
    Rep Power
    346
    I suppose another thing to check is whether or not there's a conflicting policy within your policy structure.

  7. #7

    Join Date
    Mar 2008
    Location
    Norfolk
    Posts
    237
    Thank Post
    5
    Thanked 10 Times in 8 Posts
    Rep Power
    21
    Going mad with this. Pushing registry settings out with a GPP appears not to work; checking it with an RSOP gives a 'group policy registry' failure. Can't see any conflicts. I can delete the particular registry key that holds the proxy setting and run a gpupdate and it then works, but not much help...

  8. #8

    witch's Avatar
    Join Date
    Nov 2005
    Location
    Dorset
    Posts
    11,521
    Thank Post
    1,532
    Thanked 2,639 Times in 1,827 Posts
    Rep Power
    814
    Are you sure there isnt a rogue policy somewhere which just sets the proxy on this one room?
    Or, conversely, can you create a new policy setting the correct proxy just for this one room?
    I had to do the latter the other day - one set of computers would NOT pick up the new home page settings. I couldnt see ANYTHING in any policy stopping it but in the end creating a new policy was the only thing that worked. I still dont know what was going on

  9. #9

    Join Date
    Mar 2011
    Location
    Bournemouth
    Posts
    280
    Thank Post
    16
    Thanked 74 Times in 64 Posts
    Rep Power
    22
    TBH I found the most effective way was to push out the registry settings using GPP.

    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings\ProxyEnable - REG_DWORD - 0x0 (Disabled) / 0x1 (Enabled)
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings\ProxyServer - REG_SZ - proxy server address
    HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings\ProxyOverride - REG_SZ - <local>

  10. #10

    Join Date
    Mar 2008
    Location
    Norfolk
    Posts
    237
    Thank Post
    5
    Thanked 10 Times in 8 Posts
    Rep Power
    21
    Hmm... Think i have this resolved - or rather i've got a work around, but no closer to finding out why it was happening. I could not get the GPP thing to work - it throws up an error on our 2k3 domain controller when you run the GP modelling tool against it, and never works on the client machine. Wierd. In the end i saw that the correct policy would be applied if i ran gpupdate whilst the user was logged in (students don't have the rights to do this, so was done remotely using Impero). Soooooo i added the gpupdate command to the end of the login script and it works now.

    Thanks for the help!



SHARE:
+ Post New Thread

Similar Threads

  1. IE Proxy Problems
    By placky in forum Windows
    Replies: 12
    Last Post: 9th October 2008, 05:33 PM
  2. Auto logoff by GPO?
    By contink in forum How do you do....it?
    Replies: 8
    Last Post: 31st March 2007, 11:12 PM
  3. DNS Problem When Reinstalling XP
    By Pear in forum Wireless Networks
    Replies: 10
    Last Post: 5th January 2006, 04:27 PM
  4. Possible Proxy Problem
    By Pear in forum *nix
    Replies: 6
    Last Post: 1st November 2005, 09:31 AM
  5. Replies: 6
    Last Post: 20th October 2005, 07:48 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •