No, this script configures machine-level settings for IE. You want Windows to control configuration settings for applications it doesn't know about? Did you actually read question this before sending it? -----Original Message----- From: Ara [mailto:ara@xxxxxxxxxxxxx] Sent: Saturday, March 26, 2005 12:00 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: possible fix ISAserver.org - Review of SurfControl Web Filter 5.0 for ISA Server 2004 http://www.ISAserver.org Jim, I looked into this script. A bit confused. As you say, this will setup user's proxy settings. The stupid question I have is if there are any settings in windows registry that will override all users' proxy entered manually no matter of IE or fire fox? Something that says this machine has to go to isa port 808o no matter what user types in proxy settings Thank you -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Saturday, March 26, 2005 6:20 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: possible fix RE: ISAserver.org - Review of SurfControl Web Filter 5.0 for ISA Server 2004 http://www.ISAserver.org IE settings have their own place in IE. You can force proxy settings as well as "lock down" the user's ability to change them. "GPO is not for..." Hell, Firefox now has an AND script for it. ISA 2000 FWC makes a *one-time* change that is easily reversed by the least savvy user. ISA 2004 FWC *can* be instructed to reapply the settings, but it has to be done *by the user*. Consequently, the real answer is to use GPO to force the IE configuration and make it unavailable to the user. BTW, did you know that IE stores its configuration in no less than three places: - per-user (HKCU) - all users (HKU) - machine (HKLM) http://isatools.org/ie_proxy.vbs shows you how to set the machine-level proxy settings in the registry. This script also prevents the user changes from having any effect on IE behavior. If you don't have / use GPO, you can add this to the machine logon script. ..now quitcherbitchin and get back to work. ...jeez... -----Original Message----- From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx] Sent: Thursday, March 24, 2005 12:19 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: possible fix RE: ISAserver.org - Review of SurfControl Web Filter 5.0 for ISA Server 2004 http://www.ISAserver.org GPO is not for pushing down the IE proxy setting, it is for lock the setting tab at user's IE, then FCW with webproxy setting is fixed and unchangable at user's side! ----- Original Message ----- From: Ball, Dan <mailto:DBall@xxxxxxxxxxx> To: [ISAserver.org Discussion List] <mailto:isalist@xxxxxxxxxxxxx> Sent: Friday, March 25, 2005 4:06 AM Subject: [isalist] RE: possible fix RE: ISAserver.org - Review of SurfControl Web Filter 5.0 for ISA Server 2004 http://www.ISAserver.org Could you please explain this a bit more? I fail to see how it would make a difference whether the proxy settings were pushed out via FWC or GPO. Either way, you have the proxy settings in IE, and they can disable them. ________________________________ From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx] Sent: Thursday, March 24, 2005 14:39 To: [ISAserver.org Discussion List] Subject: [isalist] RE: possible fix RE: ISAserver.org - Review of SurfControl Web Filter 5.0 for ISA Server 2004 http://www.ISAserver.org To make a consistant filter to user's web access, only GPO is effective because user under FWC only can disable web proxy server for a while until FWC is refreshed! If some bad boy would like to see a prohibited site, they can uncheck webproxy tab! ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: roy_tsao@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: ara@xxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned.