Configuring group policy to bypass proxy server for local addresses and adding a domain to trusted root certificate authorities
I would create a test GPO and deploy it to a test group first, but I think this will be very simple to do. Setup your proxy settings in Internet Explorer on the computer with GPMC installed. Open GPMC and create a new Group Policy Object. Edit the new Group Policy Object and go to User Configuration->Windows Settings->Internet Explorer Maintenance->Connection. Then select "Import the current Connection settings from this machine". This should import all the connection settings which will include the proxy setup.
Related videos on Youtube
Simon Kiely
Masters machine learning student who doesn't know Python. At all.
Updated on September 18, 2022Comments
-
Simon Kiely over 1 year
I am an intern who has just started in a new company. I have never used the group policy editor before. However I suggested that I believed it is possible to accomplish the two tasks we wish using the editor rather than individually going around to hundreds of PCs and implementing these settings ourselves.
We have recently rolled out some new connection settings and an Intranet page. There are two things this means :
- Since we are using a self-signed certificate in order to avoid this page :
we need to add our local domain to the trusted root certificate authorities for all users in the domain like so :
- Our company uses a proxy server to connect to the Internet. Our Intranet site needs to bypass this. This is a setting ~600 users of our company have not set (and as this is not a tech company, it would be a long and arduous process to get them to do it themselves).
The settings we need are as follows on IE :
Can anyone help me with implementing these settings domain wide using the group policy editor or similar?
Ideally I'd like to create a subset of users and test it with them before rolling out - just so I don't break everyone's Internet. I have searched all over the Internet for a guide to doing this, but there is a notable lack of information on accomplishing this task written in a clear/understandable way.
Any help in this would be greatly appreciated. Thanks a lot!
-
Kinnectus about 8 yearsP.s. You don't add a domain to a trusted root certification authority, you add a certificate (your intranet server's certificate) to the client machines. This way they won't get the IE error.
-
Nasir almost 11 yearsJust make sure that your settings are done properly before an "import". Because these will be the settings applied to everyone affected by the GPO.
-
xxl3ww almost 11 yearsAgreed, I definitely would NOT edit a current GPO. Add a new one, so if something goes wrong, you can just delete it.
-
Simon Kiely almost 11 years@xxl3ww Many thanks for your help with this. I have installed GPMC and ran it to create a new GPO. I am now in Windows Settings, and there is no "Internet Explorer Maintenance" as far as I can see. Can you offer any guidance here? Thanks a lot :)
-
xxl3ww almost 11 yearsI was giving directions for Windows Server 2003. If you're on 2008 go to User Configuration->Policies->Windows Settings->Internet Explorer Maintenance
-
DavidPostill about 9 yearsPlease read the question again carefully. Your answer does not answer the original question.