Found a solution to the problem I talked about the last post. The answer was use a proxy server. The proxy server is actually a file pointing to the local host with a bit of scripting involved that either returns the outside interface "proxy server unavailable". Which works out pretty well, because you get the effect of blocking the Internet. The proxy file is located on a read-only network share, and is copied to the computer whenever the user logs in. So even if the Internet goes down, you still have the old proxy file. And when the Internet comes up, you get the latest, greatest version.
That seems to work a lot better in theory than content adviser. And for some reason I want to spell adviser as "advisor". Anyways.
The hard part was need to rebuild the IE auto-install to get the proxy settings into the Internet Options control panel, and turning off Content Adviser. That required removing the computer from the domain, use "Turn Windows Features On and Off" to remove and re-add IE 11 with none of the IEAK options set. The rejoin the domain, and then the IEAK version to have the proxy file working and in place.
The great benefit of this approach is the proxy file works with Chrome as well.
But there are certain programs we use that are hard coded to use Internet Explorer, so there's no option of permanently going away from that.
Yay. Now all I have to do is get the logon script working properly, and everything will be great. Did I mention I'm deploying the computer Monday afternoon?
My Active Directory learning was from this book: Windows Server 2008 Active Directory Configuration.
No comments:
Post a Comment