Using automatic proxy configuration
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
Using automatic proxy configuration
Conflicting or improperly configured proxy settings on user computers can restrict user access to external sites while the user is connected to a corporate network. By reconfiguring user proxy settings, you can ensure that the user has appropriate access to internal and external resources.
Requirements for proxy configuration
In order for you to use this feature:
Your users must have Internet Explorer 4.01, Internet Explorer 5.01, Internet Explorer 5.5, or Internet Explorer 6 installed on the computer.
Your network must include a proxy server.
Internet Explorer 4.0 requires a slightly different approach than Internet Explorer 4.01, Internet Explorer 5.01, Internet Explorer 5.5, and Internet Explorer 6. With Internet Explorer 4.0, proxy settings apply to all connections on the computer. With Internet Explorer 4.01, Internet Explorer 5.01, Internet Explorer 5.5, and Internet Explorer 6, different settings can apply to different connections on the same computer. If any of your users run Internet Explorer 4.0, you should choose to restore the computer’s previous proxy settings when the user disconnects.
Note
- You can choose to restore the previous proxy settings when users disconnect without adversely affecting users running later versions of Internet Explorer. Therefore, if you are building a profile for use with multiple versions of Internet Explorer, you should choose to restore the client settings.
Syntax of proxy configuration files
In order to use automatic proxy configuration in a service profile, you must create a plain text file that specifies the following values:
Key | Value |
---|---|
[Automatic Proxy] |
No value. Section header for automatic proxy settings. |
[Manual Proxy] |
No value. Section header for manual proxy settings. |
AutoProxyEnable |
0 = Automatic proxy detection is disabled.1 = Automatic proxy detection is enabled. Note: This feature is not supported for Internet Explorer 4.0 and earlier. |
AutoConfigScriptEnable |
0 = Automatic proxy script will not be executed. 1 = Automatic proxy script will be executed. |
AutoConfigScript |
The URL that points to the automatic proxy script. |
ProxyEnable |
0 = Manual proxy detection is disabled. 1 = Manual proxy detection is enabled. |
ProxyServer |
The name and the port of the proxy server. |
ProxyOverride |
The Domain Name System (DNS) addresses, separated by semi-colons, that should not be passed on to the proxy server. You can use the value <local> to bypass the proxy server for local addresses. If you include this value, it should be the final value in the string. |
The following is an example of a simple proxy text file for Awesome Computers, simpleproxy.txt:
[Automatic Proxy]
AutoProxyEnable=1
AutoConfigScriptEnable=1
AutoConfigScript=www.awesome.com/proxysettings.txt
[Manual Proxy]
ProxyEnable=0
You can configure far more complex proxy settings. In the following example, complexproxy.txt, automatic proxy detection is used where possible, and a manual proxy supports Internet Explorer 4.0 users, who cannot use automatic proxy detection. Different protocols use different proxy servers, and several addresses have been excluded from the proxy.
[Automatic Proxy]
AutoProxyEnable=1
[Manual Proxy]
ProxyEnable=1
ProxyServer=ftp=FTPProxyServer:2010;gopher=GopherProxyServer:1066;http=HTTPProxyServer:42;https=SecureProxyServer:1984;socks=SocksProxyServer:5150
ProxyOverride=DNSaddress1;DNSaddress2;<local>
For more information about proxy settings in Internet Explorer, refer to the Internet Explorer Administration Kit.
For more information about Connection Manager keys and values, see Advanced Customization.
Note
- Users who select the Log on using dial-up connection check box gain access through an account designed for this method of logging on. The Log on to Windows account has only minimal permissions, and any customized settings for Connection Manager, including proxy configuration, are applied to the Log on to Windows account, rather than to the account of the user who logged on. For more information, see Incorporating Connection Manager with logon security.