Disable Proxy Server

Question

We use a proxy server here but occasionally the user needs to disable it. I have the registry keys that disable it but it doesn't seem to take effect until after a reboot. Is there a service or services that I can stop/start to make the changes to the proxy settings take effect? My goal here is to create a bat file that the user can run when they need to bypass the proxy.

Thanks

Usually it affect directly without a reboot, can you paste the script you use ? — yagmoth555, Oct 24 '17 at 00:30
You're lacking many key details in order to get more than a general help. — Marco, Oct 24 '17 at 04:30

Marco · Answer 1 · 2017-10-24T04:51:26.677

To answer your question, as @yagmoth555 points in the comments: this registry setting should apply just by restarting the browser.

If it doesn't to you, try the following:

Create a Batch File like proxyOff.Bat

reg add "[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]" /v ProxyEnable /t REG_DWORD /d "0" /f

Create a Batch File like proxyOn.Bat

reg add "[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]" /v ProxyEnable /t REG_DWORD /d "1" /f

This settings should apply right after a browser restart. If they don't, please check wheter the browser is actually been killed. I've seen so many times no windows and still browser's proecesses running. If that's the case, please investigate with task manager.

Anyhow, I don't like this solution at all.

What you want to do would be better achieved in many other ways: I'll suggest two.

I'd just use a GPO to bring users the right to disable proxy. In the link there's a good starting point.
Moreover, giving users such rights is always a last resort idea for me; if you can dedicate more effort at the initial configuration, investigate about why they need to disable the proxy, and configure your proxy/firewall/gateway/UTM in order to bypass proxy when needed, using either local, or remote, or time based, or user/account based exceptions.

If you do this way you can still control what they do, if you give them right to disable proxy, sooner or later someone will disable it for evil or dangerous purposes, and not for the reasons that are leading you to the conclusion that:

occasionally the user needs to disable it.

Thanks Marco. The reason the user needs to disable the proxy is because the proxy sends all web traffic through our VPN. When the user is offsite, some wifi connections have a splash page used to login/connect. The splash page cannot load because the machine is not on the VPN. So the user disables the proxy, connects to wifi, then connects to the VPN. — Mike, Oct 24 '17 at 15:03
As a possible alternative you could do web proxy auto-discovery (put up an internal webserver at wpad.yourdomain to server a magic _wpad.dat_ file that points the browser towards the proxy). Before they connect to the VPN, they will not be able contact the WPAD server so should fall back to a direct/non-proxy setup and enable them to access the splash page. Probably they would have to restart their browser after joining the VPN to discover the proxy (and you'd have to block non-proxy web traffic via the VPN to force that). Maybe more trouble than it's worth but I thought I'd mention it. — Mintra, Nov 16 '17 at 21:02
Nice. This solution is worth an answer if you take your time to write it. :) — Marco, Nov 16 '17 at 21:04

Disable Proxy Server

1 Answers1