Last active
April 6, 2023 08:11
-
-
Save tom-henderson/cd681c16b3f77fd07416ba08da6041ba to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Set proxy for all users | |
# See: | |
# https://www.securelink.be/windows-proxy-settings-explained/ | |
# https://technet.microsoft.com/en-us/library/cc770473(v=ws.11).aspx | |
# https://msdn.microsoft.com/en-us/library/windows/desktop/aa362813(v=vs.85).aspx | |
$domain_name='example.com' | |
$proxy='proxy.foo.com' | |
$port=8080 | |
$bypass = "10.*.*.*;" | |
$bypass += "192.168.*.*;" | |
$bypass += -join (16..31 | % { "172.$_.*.*;" }) | |
$bypass += "169.254.*.*;" | |
$bypass += "*.$domain_name;" | |
$bypass += "<local>;" | |
# <local> will bypass bare hostnames. We still need to enter local subnets using * as wildcard. | |
# WinHTTP | |
$netsh_command = { | |
netsh winhttp set proxy proxy-server="$proxy:$port" bypass-list="$bypass" | |
} | |
Invoke-Command -ScriptBlock $netsh_command | |
# WinINET (IE Proxy) | |
function Set-RegistryValue ($Path, $Name, $Value, $PropertyType) { | |
if (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue) { | |
Set-ItemProperty -Path $Path -Name $Name -Value $Value | |
} else { | |
New-ItemProperty -Path $Path -Name $Name -Value $Value -PropertyType $PropertyType | |
} | |
} | |
Set-RegistryValue -Path "HKLM:\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings" -Name ProxySettingsPerUser -Value 0 -PropertyType DWord | |
# 64 bit processes | |
Set-RegistryValue -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Internet Settings" -Name ProxyServer -Value "$proxy:$port" -PropertyType String | |
Set-RegistryValue -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Internet Settings" -Name ProxyEnable -Value 1 -PropertyType DWord | |
Set-RegistryValue -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Internet Settings" -Name ProxyOverride -Value $bypass -PropertyType String | |
Set-RegistryValue -Path "HKLM:\Software\Microsoft\Windows\CurrentVersion\Internet Settings" -Name AutoDetect -Value 0 -PropertyType DWord | |
# 32 bit processes | |
Set-RegistryValue -Path "HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings" -Name ProxyServer -Value "$proxy:$port" -PropertyType String | |
Set-RegistryValue -Path "HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings" -Name ProxyEnable -Value 1 -PropertyType DWord | |
Set-RegistryValue -Path "HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings" -Name ProxyOverride -Value $bypass -PropertyType String | |
Set-RegistryValue -Path "HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings" -Name AutoDetect -Value 0 -PropertyType DWord | |
# Service accounts | |
$bitsadmin_command = { | |
bitsadmin /util /setieproxy LOCALSYSTEM RESET | |
bitsadmin /util /setieproxy LOCALSYSTEM MANUAL_PROXY "$($proxy):$($port)" $bypass | |
bitsadmin /util /setieproxy NETWORKSERVICE RESET | |
bitsadmin /util /setieproxy NETWORKSERVICE MANUAL_PROXY "$($proxy):$($port)" $bypass | |
bitsadmin /util /setieproxy LOCALSERVICE RESET | |
bitsadmin /util /setieproxy LOCALSERVICE MANUAL_PROXY "$($proxy):$($port)" $bypass | |
} | |
Invoke-Command -ScriptBlock $bitsadmin_command | |
# Set environment variables | |
function Set-Env ($Key, $Value) { | |
Set-Item -Path "env:$Key" -Value $Value | |
[Environment]::SetEnvironmentVariable("$Key", $Value, [System.EnvironmentVariableTarget]::Machine) | |
} | |
Set-Env -Key "HTTP_PROXY" -Value "http://$($proxy):$($port)" | |
Set-Env -Key "HTTPS_PROXY" -Value "http://$($proxy):$($port)" | |
Set-Env -Key "NO_PROXY" -Value ($bypass -replace ";", ",").Trim(",") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment