Author Posts

November 3, 2017 at 3:29 pm

I need some web resources downloaded by an unattended freshly installed lab PC, partially for some reason joined to my production domain, existing behind a corporate proxy (in my case it is two load-balanced legacy TMGs under EMS, with a common virtual IP address).
I have administrative permissions on GPOs etc..

When I look at the VM logs I see failure messages, because of my running account not having proper credentials to go through the TMG stuff.
At the same time my VMs have direct outbound access to the Internet through a NAT device
In addition I have setup an anonymous proxy.

Please help me free my test VMs from the automatic settings going from the production.

November 3, 2017 at 3:33 pm

I'm wading through the TLAs here but I'm not certain I understand what the actual PowerShell question is :). Can you maybe re-state what you're asking for help with, and maybe some details on what you're actually -doing- that is generating what specific error messages?

November 3, 2017 at 3:41 pm

I am trying the DSC, and the DSC engine cannot download web resources in the environment decribed above.
And.. what does TLA stand for?

November 3, 2017 at 4:25 pm

In addition, my new automatically created VM stuff cannot interact via the PackageManagement, download the Nuget itself еtс..
This aforementioned kind of proxy enforcement is absolutely devops unfriendly.

I'm sure I am not unique in my feelings, please help!

What I want to learn is how to block the proxy settings inheritance from the environment, for the newly created Lab VMs.

November 4, 2017 at 2:31 am

In case of corporate proxies, best answer I have found is to export/set HTTP_PROXY and HTTPS_PROXY in both Windows / Linux VMs. That works with most Python PIP stuff I do and git also.

November 4, 2017 at 7:02 am

Thank you! I was not aware of existence of these variables in windows, and now have learned it.
But the TMG uses the NTLM authentication, some troubles being added by HA setup (sometimes it requires more than one credential cached)

So... what you guys advice is to switch to my own Linux-based web proxy via HTTP_PROXY and HTTPS_PROXY, isn't it?
Can I also just clear the automatic proxy setting by means of these variables?