Proxy not working of non-interactive domain account

Question

Hello everyone,

we have the following issue in our domain environment:

We are currently using two domain accounts for working on our Windows 11 notebooks, one account without administrative rights and one account with administrative rights. We log in to the notebook using the account without administrative rights. When we need administrative privileges, for example, to install programs, selecting "Run as administrator" prompts a UAC prompt to provide the login credentials of the other account. This works without any issues. However, if we want to install Google Chrome, for instance, internet access is required as the installation agent retrieves the remaining information from the internet. The account with administrative rights needs access through our proxy server. This proxy server is set for all users via the registry path:

Computer\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings

ProxyServer = x.x.x.x:8080
ProxyEnable = 1

Unfortunately, internet access still doesn't work for this account (PowerShell executed with the login credentials of the account with administrative rights):

Invoke-WebRequest google.de -usebasicparsing
Fails: "Unable to connect to the remote server"

When I include a proxy server in this command, the query works. In our previous environment (Windows 10), this worked without specifying additional parameters. Strangely, the query works without specifying additional proxy parameters once you log in to the notebook with the second account with administrative rights and then go through the procedure again.

My initial research has yielded the following yet:

• I can exclude Group Policy Objects (GPOs) as the cause (I removed the system from all GPOs). Additionally, client-side GPOs apply to all users, and user-side GPOs are not applied to the second account (there are no internet-related GPOs except the proxy GPO, but the proxy setting for the second account is done through a client policy).
• The proxy server was set via the registry (as mentioned above). Setting it through environment variables did not change the result.
• Logging in to the Windows system once with the second account is sufficient to restore the previous functionality.
• I suspect it may be related to Windows 11, but I cannot say for certain. Everything works fine on Windows 10.

Answer 1

Hello there,

Is there anything in event viewer?

I would suggest you to use proc mon to identify if there is nothing on the event viewer.

Each event ID listed in the administrator console can be viewed in the Windows Event Viewer and corresponding descriptions and solutions are found below.

Open Event Viewer and look for events related to Web Application Proxy under Applications and Services Logs > Microsoft > Windows > Web Application Proxy > Admin

https://learn.microsoft.com/en-us/windows-server/remote/remote-access/web-application-proxy/troubleshooting-web-application-proxy

Hope this resolves your Query !!

--If the reply is helpful, please Upvote and Accept it as an answer--