Overview
There are several registry keys that need to be configured within a Group Policy to enable WinHTTP on all Windows machines joined to the domain. This is the first item:
Part 1
Create a WinHTTP_Settings GP > navigate through Computer Configuration > Preferences > Windows Settings > right-click Registry > New > Registry Item
New Registry Properties:
Action = Update
Hive = HKEY_LOCAL_MACHINE
Key Path = SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
Value name = WinHttpSettings
Value type = REG_BINARY
Value data = 1800000000000000010000000000000000000000 (Direct Access - No Proxy)
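Note: to obtain the Value data for a proxy configuration, run this script on a Windows test machine
# Dynamic variables
$proxy="http://proxy:80"
$exclusionList="localhost;*.kimconnect.com"
# Build the binary value. Layout is an assumption inferred from observed values (not documented):
# header 0x28, counter 0, flags 3 (proxy), then each string prefixed by its 4-byte length
$ascii = [System.Text.Encoding]::ASCII
[byte[]]$binaryValue = [BitConverter]::GetBytes([uint32]0x28) + [BitConverter]::GetBytes([uint32]0) +
    [BitConverter]::GetBytes([uint32]3) +
    [BitConverter]::GetBytes([uint32]$proxy.Length) + $ascii.GetBytes($proxy) +
    [BitConverter]::GetBytes([uint32]$exclusionList.Length) + $ascii.GetBytes($exclusionList)
# Set proxy registry (written as REG_BINARY)
$winHTTPHive = "Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections"
$winHTTPKey = "WinHttpSettings"
Set-ItemProperty -Path $winHTTPHive -Name $winHTTPKey -Value $binaryValue -Type Binary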
Run Regedit > navigate to SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections > double-click on WinHttpSettings to obtain the binary data for copying purposes
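Before pasting the binary data into the Registry Item, it helps to decode it and confirm it says what is intended, and afterwards to confirm that a machine in scope of the policy actually holds the same value. The following is an added example, not part of the original script; the function names are hypothetical, and the field layout is an assumption inferred from the values shown on this page, not a documented format.

```powershell
# Added example. ASSUMPTION: layout inferred from observed values, not documented:
#   bytes 0-3 header, 4-7 counter, 8-11 flags (1 = direct, 3 = proxy),
#   then proxy and bypass list, each as a 4-byte little-endian length plus ASCII text.
function ConvertTo-ByteArray {            # hypothetical helper: hex string -> byte[]
    param([Parameter(Mandatory)][string]$Hex)
    if ($Hex -notmatch '^([0-9A-Fa-f]{2})+$') { throw "Not an even-length hex string" }
    [byte[]]([regex]::Matches($Hex, '..') | ForEach-Object { [Convert]::ToByte($_.Value, 16) })
}

function ConvertFrom-WinHttpSettings {    # hypothetical helper: byte[] -> readable object
    param([Parameter(Mandatory)][byte[]]$Bytes)
    if ($Bytes.Length -lt 20) { throw "Value too short: $($Bytes.Length) bytes" }
    $flags   = [BitConverter]::ToUInt32($Bytes, 8)
    $offset  = 12
    $strings = foreach ($field in 'proxy', 'bypass list') {
        if ($offset + 4 -gt $Bytes.Length) { throw "Missing length field for $field" }
        $len = [int][BitConverter]::ToUInt32($Bytes, $offset)
        $offset += 4
        # Reject a length that points past the end instead of reading garbage
        if ($offset + $len -gt $Bytes.Length) { throw "Length of $field overruns the value" }
        [System.Text.Encoding]::ASCII.GetString($Bytes, $offset, $len)
        $offset += $len
    }
    [pscustomobject]@{
        Flags      = $flags
        UsesProxy  = [bool]($flags -band 2)
        Proxy      = $strings[0]
        BypassList = $strings[1]
        ExtraBytes = $Bytes.Length - $offset   # anything left over is unexpected
    }
}

# Value data from Part 1 of this page (Direct Access - No Proxy)
$gpoHex = '1800000000000000010000000000000000000000'
ConvertFrom-WinHttpSettings -Bytes (ConvertTo-ByteArray -Hex $gpoHex)

# Compare against what a machine in scope of the GPO actually holds
$key  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections'
$live = [byte[]](Get-ItemProperty -Path $key -Name WinHttpSettings -ErrorAction Stop).WinHttpSettings
$liveHex = ($live | ForEach-Object { $_.ToString('x2') }) -join ''
if ($liveHex -ne $gpoHex) {
    Write-Warning "WinHttpSettings differs from the GPO value: $liveHex"
    ConvertFrom-WinHttpSettings -Bytes $live
}
```

A mismatch after Group Policy has refreshed means either the policy did not apply or something else rewrote the value, and the decoded Proxy field shows where WinHTTP traffic is being sent.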
Part 2
To be continued…
Maybe: https://learn.microsoft.com/en-us/defender-endpoint/configure-proxy-internet