Re: ISA2004 issues (pretty detailed description and therefore much reading :)
- From: "ZVR" <nospamever@xxxxxx>
- Date: Fri, 2 Dec 2005 13:26:09 -0500
"A. Klimkin" <aklimkin at mail dot ru> wrote in message
news:uvB13Ky9FHA.1020@xxxxxxxxxxxxxxxxxxxxxxx
> Hello everybody.
>
> I'm facing a trouble I can't resolve by myself, so I try to ask the gurus.
> Here we go.
>
> My configuration:
> I have an ISA2004SP1 installed and configured on Win2003SrvSP1 machine
> within AD environment (member server).
> Effective access policy allows some sites to be hit anonymously (namely,
> there are windowsupdate sites) and the rest of the web requires user
> identification via integrated authentification against AD.
> All the users are configured to be web proxy clients of the ISA server and
> to autodetect proxy settings. Local DNS server configured to return my ISA
> server address in response to WPAD entry queries. ISA server is configured
> to publish autodiscovery information on sandard port 80.
Very good explanation so far. I wish all people posting here would give such
detailed descriptions of their environment.
> My first question:
> Is there a way to force IE browser to redetect its proxy settings?
Yes and you already found it - you need to tick/untick the "Autodetect Proxy
Settings" checkbox. That is the only way you can force it. Not the most
convenient way I know but read on for a workaround.
> I've heard that this should happen every time you restart browser. But it
> seems to not happen.
No it's not supposed to work that way. The purpose of the proxy cache in IE
(which btw was introduced in v5.5 AFAIK) is to serve the 'usual' network
environment for which the proxy settings hardly ever change. Of course there
would be very little caching benefits if the re-detection occured every time
the browser was restarted.
However, in a network environment where there's lots of changes (like for
example during a major systems upgrade) this caching feature can become an
annoyance. Fortunately it can be turned off completely by means of a
registry setting. See the following article for details:
http://support.microsoft.com/?kbid=271361
> Proxy redetection seems to not happen even if I restart the computer. The
> only thing that helps is to go to IE connections settings, unticle
> 'autodetect' option, restart the browser and then check the 'autodetect'
> option on again. It's pretty boring procedure to configure this way every
> given client computer of a list of two hundreds comps, you know.
Of course. You can configure the registry settings mentioned above on all
the computers in the domain by means of a GPO. Next time IE is started on
any of those computers, it will not cache the proxy settings anymore.
> And the second issue.
<snip>
> Initially, IE (as usual) tries the destination anonymously, then, being
> asked for identification, passes the credentials and ISA allows the
> connection (as we can see). But the page won't be displayed with above
> mentioned HTTP 404 error. Is there a problem with ISA or IE? Or maybe
> both?
> Please bear in mind that there is public free web service, so I don't see
> much sense to bother their support with this issue, taking into account
> the fact that the service works just fine when you directly accessing it
> (without authenticating proxy).
Can you please create a rule allowing anonymous access to those sites, then
post the results here? I'm curious whether it works when authentication is
not required.
Virgil
.
- Follow-Ups:
- References:
- Prev by Date: Re: Random rror 10061 with ISA 2000
- Next by Date: Re: ISA 2000 SPs
- Previous by thread: ISA2004 issues (pretty detailed description and therefore much reading :)
- Next by thread: Re: ISA2004 issues (pretty detailed description and therefore much reading :)
- Index(es):
Relevant Pages
|
