After enabling client Web Traffic Redirection ( WTR) functionality in SES console not able to access onedrive.
Endpoint Security(SES) : 14.3 RU6
Known Issue as described in the article - Bypass Endpoint Protection Web Traffic Redirection using a custom PAC file
In Endpoint Security Console (SES), currently importing the custom pac file feature not yet implemented so pac script in the registry does not persist across machine reboots and service restarts. Therefore pacscript needs to be updated periodically.
This can be achieved using either of the following 2 solutions.
Endpoint Security Console(SES) does not have feature to import the custom pac file, instead use LPSFlags.exe.
e.g: LPSFlags.exe --pac-script CustomProxy.pac --restart
Note: In every reboot and smc restart deletes the Pac Script for custom pac. It is required to apply LPSFlags.exe command every time as per design.
Use HI script to run the LPSFlags.exe and import the custom pac file. In this solution the customer needs to setup a web server and web directory from where HI script can download
the required files.
Below point is mandatory to run the HI script.
To do list to perform.
e.g. http://xx.xx.xx.xx/lpsflags.exe, http://xx.xx.xx.xx/proxy.pacand http://xx.xx.xx.xx/updatepac.cmd
Note: To download Proxy.pac and updatepac.cmd need to add MimeType in the website so that those files can be downloaded to the target folder mentioned in the HI script.
Note: This can also be achieved using system management software too.
5. Apply the HI Policy.
The custom pac file is provided as parameter to LPSFlags.exe.
3. After SMC -restart, since EnableLPSCustomPac=0 in case of SES client it deletes the above registry every time. But since we have added the HI script the registry gets added once SMC starts loading profile and applies HI policy.