HELP IE connection settings tab

  • Thread starter Thread starter anonymous
  • Start date Start date
A

anonymous

HI all,
I had set the connection tab thru group policy to be
disabled. I had a network connection problem and it
seemed to change the LAN setting and unchecked the auto
proxy detection. Now all my XP users cannot connect to
the interenet. Even when I enable the connection tab it
is grayed out under the user and I cannot change it. I am
not able to re-install IE on XP so does anyone have any
suggestions?
Very important for our business.
Sherry
 
Make sure you enabled the setting in the same GPO where you disabled it or create a
new GPO to do such and place it above the existing GPO in the list. GPO's can take up
to a couple of hours to propagate to a computer. After configuring on a domain
controller, run " secedit /refreshpolicy user_policy /enforce" . You can do the same
on Windows 2000 workstations after that and user gpupdate /force an XP Pro computers
or have the users logoff and logon - possibly twice to speed up user policy
propagation. Gpresult can display where a logged on user is getting GPO's applied
from and the last time they were applied. The /v switch will show detailed info
including the registry settings applied to a user by a Group Policy.

You can also configure proxy settings for users in Group Policy under user
configuration/Windows settings/Internet Explorer maintenance/connections -
ttings. -- Steve
 
Thanks,
I only have one group policy running I placed it on the
entire site. I logged the user on my computer and it
picked up my internet settings. Then I logged on her
computer and she had internet access but now the
connection tab shows up but the lan settings are still
grayed out. I did use the gp under user config,
connection, proxy setting to tell all users of that
machine to use the same proxy settings and I listed my
proxy IP but I don't think that is what fixed it. Now I
just need to find out what will make the LAN settings not
grayed out.
Lessons learned, don't put gp at site level. When first
setup I just used the default users container for my
users.
Would the correct process be to setup a OU for all my
users then apply gp to that OU and remove from site level?
If I remove from site level is it going to cause a
problem maybe leaving some policies where I cannot change
them later? Also, how do I move the gp?
Also, do all my users have to be a member of domain users
or is that just another group that allows secuity rights.
Does the system use domain users as a way to validate
logins or something else?
Thanks for your help
Sherry
-----Original Message-----
Make sure you enabled the setting in the same GPO where you disabled it or create a
new GPO to do such and place it above the existing GPO in the list. GPO's can take up
to a couple of hours to propagate to a computer. After configuring on a domain
controller, run " secedit /refreshpolicy
Click to expand...
user_policy /enforce" . You can do the same
on Windows 2000 workstations after that and user
Click to expand...
gpupdate /force an XP Pro computers
 
I have not had to much experience with sites other than set one up for a tests but
that was with fast links. It probably is best to try to use GPO's at the domain or OU
level if possible. Policies are applied in this order with the last policy applied
takes precedence if settings are defined at multiple levels - local>site>domain>OU.
If you create GPO's at the OU level and configure the settings you want, they will
override site GPO. It would be easy to move users into their own OU or OU's. So that
would be one way to fix your problem if you disable the setting to hide the
connections page for IE. GPO's can be linked to any object, so you could link it to
the domain/OU and unlink it from the site. Group Policy settings that are not under
administrative templates may "tattoo" the registry if unlinked or deleted so you will
need to "undo" any such settings in the future if they are not going to be defined in
a new GPO for the same user/computer. Just go to the appropriate container/OU and
select properties/Group Policy to unlink, add, or create a new GPO.

I would leave all users as domain users. Yes the domain users can be used to give
users permissions and rights. You can of course add users to new global groups if you
want to give just the users in that group permissions to resources or user rights.
When you create a Group Policy, by default authenticated users have read and apply
permissions to the GPO. If you do not want it to apply to administrators you can give
deny permissions to just apply policy which is called filtering a GPO. The link below
is a pretty good article on Group Policy. --- Steve

http://www.microsoft.com/resources/...erver/reskit/en-us/distsys/part4/dsgch22.mspx
http://www.microsoft.com/windows2000/techinfo/planning/management/groupsteps.asp
 
Back
Top