That's what I was getting at. Very easy to publish wpad.dat or proxy.pac via DHCP option 252 to all clients. Make sure you point to the wpad.dat/proxy.pac by FQDN, not IP, so the proxy is gracefully ignored when the PC is off the corporate network.
-Malcolm -----Original Message----- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, July 12, 2010 09:27 To: NT System Admin Issues Subject: Re: Internet Proxy - Group Policy Question IMHO, this is not the most effective way of going about it. I would instead enforce that IE (and if you can, any other browsers) to automatically detect proxy settings, then set up http://wpad.example.com/wpad.dat, then configure wpad.dat with the settings you want. That way, if the above URL isn't available - because they're outside your perimeter, for example - then the browser is free to go direct, and not use the proxy. Kurt On Mon, Jul 12, 2010 at 04:08, Gavin Wilby <gavin.wi...@gmail.com> wrote: > Good Afternoon all, > I have a quick question regarding Internet Proxys. > I have a site that has a GPO that forces all users to to run through > the Message Labs proxy server. The policy forces it so it cannot be > turned off, and there are one or two exceptions in that policy. > Now this is all well and good right up until the point that one of the > users (a director) takes his laptop out of the building, and then > disappears abroad with it without telling us. The internet then stops > working for him, as Im guessing that its trying to use a proxy server > that it can neither find, nor authenticate to. Due to the policy being > forced he, as an end user cant turn it off, and we have resorted to > manually changing the registry to get it working again. > The GPO mentioned above is of course a USER based policy, so I cant > omit his laptop from it, and although I could omit HIM from it, I dont > really want to, as it means he has free rein on every PC he logs into. > No doubt Im missing something blindingly obvious here, but whats going > to be the best solution? > > -- > Gavin Wilby, > Twitter: http://twitter.com/gavin_wilby > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~