Mike F Robbins (@mikefrobbins) asked if there’s a way to set a proxy with a powershell cmdlet on Windows 2012 core edition.
Well, as Mike said you need now to use netsh winhttp context to achieve this task as proxycfg.exe has been removed.
But you can also do this with the following helper functions that I wrote for this purpose 🙂
# Requires -Version 3.0 Function Clear-WinHTTPproxy { [CmdletBinding()] Param() Begin { # Make sure we run as admin $usercontext = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent() $IsAdmin = $usercontext.IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator") if (-not($IsAdmin)) { Write-Warning "Must run powerShell as Administrator to perform these actions" break } $head = 40,0,0,0,0,0,0,0,1,0,0,0 $none = 0,0,0,0,0,0,0,0 } Process { $HT = @{ Path = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections"; Name = "WinHttpSettings"; PropertyType = "Binary"; Value = ($head+$none); Force = $true; ErrorAction = "Stop"; } try{ New-ItemProperty @HT | Out-Null } catch { Write-Warning -Message "Failed to set proxy because $($_.Exception.Message)" } Get-WinHttpProxy } End {} } Function Get-WinHttpProxy { [CmdletBinding()] Param() Begin{} Process { $binval = (Get-ItemProperty "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections" -Name WinHttpSettings).WinHttPSettings $proxylength = $binval[12] if ($proxylength -gt 0) { $proxy = -join ($binval[(12+3+1)..(12+3+1+$proxylength-1)] | % {([char]$_)}) $bypasslength = $binval[(12+3+1+$proxylength)] if ($bypasslength -gt 0) { $bypasslist = -join ($binval[(12+3+1+$proxylength+3+1)..(12+3+1+$proxylength+3+1+$bypasslength)] | % {([char]$_)}) } else { $bypasslist = '(none)' } "Current WinHTTP proxy settings:`n" ' Proxy Server(s): {0}' -f $proxy ' Bypass List : {0}' -f $bypasslist } else { @' Current WinHTTP proxy settings: Direct access (no proxy server). '@ } } End{} } Function Set-WinHttpProxy { [cmdletbinding()] Param( [Parameter(mandatory)][system.string]$proxyserver=$null, [System.String]$bypasslist=$null ) Begin{ # Make sure we run as admin $usercontext = [Security.Principal.WindowsPrincipal][Security.Principal.WindowsIdentity]::GetCurrent() $IsAdmin = $usercontext.IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator") if (-not($IsAdmin)) { Write-Warning "Must run powerShell as Administrator to perform these actions" break } } Process { # Define 3 arrays $proxylength = $proxyserver.Length,0,0,0 $bypasslength = $bypasslist.Length,0,0,0 $head = 40,0,0,0,0,0,0,0,3,0,0,0 $HT = @{ Path = "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections"; Name = "WinHttpSettings"; PropertyType = "Binary"; Value = ($head+$proxylength+$proxyserver.ToCharArray()+$bypasslength+$bypasslist.ToCharArray()) Force = $true; ErrorAction = "Stop"; } try { New-ItemProperty @HT | Out-Null } catch { Write-Warning -Message "Failed to set proxy because $($_.Exception.Message)" } Get-WinHttpProxy } End {} }
Here’s how to use them with their netsh equivalent:
# Reset proxy netsh --% winhttp reset proxy Clear-WinHTTPproxy # Show proxy netsh --% winhttp show proxy Get-WinHttpProxy # Set proxy netsh --% winhttp set proxy proxy-server="http=myproxy;https=sproxy:88" bypass-list="*.foo.com" Set-WinHttpProxy -proxyserver "http=myproxy;https=sproxy:88" -bypasslist "*.foo.com"
NB: The above function only query the WinHttpSettings value in the registry. It doesn’t take into account whether there’s a GPO and/or a current user level (HKCU hive) based proxy.
Using authenticated proxy servers together with Windows 8
http://support.microsoft.com/kb/2778122/en-us
How to configure proxy server settings in Windows 8
http://support.microsoft.com/kb/2777643/en-us
Pingback: People Who are Blogging About the 2013 Scripting Games | Mike F Robbins
Great code, and works well, but why use it over netsh winhttp … ?
Hi,
From a forensics point of view, it will leave less footprints behind compared to an execution of netsh.exe.
It also shows what netsh.exe is doing and helped understand how it works.
All netsh.exe contexts aren’t deprecated yet, but some already are.
This code would somehow be an alternative if netsh.exe/winhttp context was deprecated.
Netsh/winhttp being still supported on Windows 2012 and R2, you should use it unless you’ve a(nother) reason not to use it.