Have a few issues here - if this isn't the right place, please let me know...
Right now my company applies some Group Policies to the AD Site (like wsus server, proxy settings, and timezone). This works great -- most of the time. The main trouble we have been running into is VPN users. No matter where they are, if they are VPN'ed in, they are attached to the Corporate HQ AD site, and get the timezone the corporate office is in. The main issue we have is people that travel from location to location - we need them to get the correct settings no matter where they are at.
I read the pinned topic about creating collections based on IP address and it got me thinking. I set up one collection for HQ on 1/17 and noticed devices that were discovered on those networks on 12/26 were still showing up in the collection even though they haven't been there since 12/26. I'm looking for this to be more of a current look of what is on the network. I imagine I'll have to mess with discovery settings somewhat to get this, but I'm not exactly sure where to start. Is this even possible or am I setting my goals too high?
If I can get accurate memberships in these collections at a given point in time is DCM something that would be useful in this situation? Basically I would need it where someone walks in with their laptop and they get the correct settings fairly quickly, not hours later.
Personally I'd like to get away from applying GPO to the AD Site. It would reduce the amount of GPOs in the system by about 80 at this point.
Or maybe a better question is how do you guys handle setting timezone and proxy settings? WSUS settings I'm not too worried about since we'll be switching to be using SUP.