Re: Internet Explorer [WILDPACKET]

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

---

• From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxx>
• Date: Wed, 5 Oct 2005 17:33:47 -0500

---

How about this setting that was covered in the Windows XP Security
ide? --- Steve

Security Features\Restrict ActiveX Install
Use the Group Policy Object Editor to configure the proper Administrative
Template. The prescribed settings are found at the following location:

Computer Configuration\Administrative Templates\Windows Components\Internet
Explorer\Security Features\Restrict ActiveX Install

Internet Explorer Processes (Restrict ActiveX Install)
Table A.9: Restrict ActiveX Install Settings

Enterprise client desktop Enterprise client laptop High security
desktop High security laptop
Recommended
Recommended
Recommended
Recommended


The Restrict ActiveX Install\Internet Explorer Processes policy setting
enables blocking of ActiveX control installation prompts for Internet
Explorer processes.

If you enable this policy setting, prompting for ActiveX control
installations will be blocked for Internet Explorer processes. If you
disable this policy setting, prompting for ActiveX control installations
will not be blocked.

Users often choose to install software such as ActiveX controls that are not
permitted by company security policy. Such software can pose significant
security and privacy risks to your network. Therefore, this appendix
recommends you configure this policy as Enabled.



"WILDPACKET" <WILDPACKET@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:1BDCBB97-2033-48EC-8648-D285F4FBC70E@xxxxxxxxxxxxxxxx
> Thank you Steve for your response.
>
> This one do not work.
> configuration/administrative templates/Windows components/Internet
> Explorer/internet control panel/advanced page - allow active content from
> cds to run on users machine and set it to enable
>
> This works but also stops from running the content ActiveX. I want the
> content to run w/o user intervention.
>
> The other one that comes to mind is computer
> configuration/administrative templates/Windows components/Internet
> Explorer/security features/local machine lockdown security - Internet
> Explorer Processes - set to disabled
>
> Advise please.
>
>
>
>
>
>
> "Steven L Umbach" wrote:
>
>> Kind of crazy with all the settings which is good after you find it. Here
>> are a couple that you may want to check out to see if it helps. These may
>> also be under user configuration but look under computer
>> configuration/administrative templates/Windows components/Internet
>> Explorer/internet control panel/advanced page - allow active content from
>> cds to run on users machine and set it to enabled after reading the full
>> description of the setting. The other one that comes to mind is computer
>> configuration/administrative templates/Windows components/Internet
>> Explorer/security features/local machine lockdown security - Internet
>> Explorer Processes - set to disabled after reading full decryption of the
>> setting. You could tests these settings by modifying local Group Policy
>> [gpedit.msc] on a computer to see if it helps assuming there is no
>> overriding GPO at the domain/OU level that has the same setting
>> fined. --- Steve
>>
>>
>> "WILDPACKET" <WILDPACKET@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:65848BB3-C1C4-4CE4-B048-8D7A024063D5@xxxxxxxxxxxxxxxx
>> > Users are receiving this message in the IE after installing SP2 for
>> > XPP.
>> >
>> > "To help protect your security, IE has restricted this file from
>> > showing
>> > active content that could access your computer. Click here for more
>> > options
>> > ....."
>> >
>> > I want to disbale this message via GPO and I cannot seem to find this
>> > option in the GPO.
>> >
>> > Advise please.
>> >
>> > Thanks in advance.
>>
>>
>>


.

---

• Follow-Ups:
  • Re: Internet Explorer [WILDPACKET]
    • From: WILD PACKET.

• References:
  • Re: Internet Explorer [WILDPACKET]
    • From: Steven L Umbach

• Prev by Date: Re: I broke windows xp sp2 - I need help please. Thanks.
• Next by Date: Re: move user from local admins group to local users group
• Previous by thread: Re: Internet Explorer [WILDPACKET]
• Next by thread: Re: Internet Explorer [WILDPACKET]
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Oh Dear, Where to start?! ... > from some of you with appropriate experience in the field of network ... > main focus and priority has been computer security and policy development. ... install certain updates. ... (Security-Basics) Re: Internet Explorer [WILDPACKET] ... I found the link below which may help though there is not a Group Policy ... >>> How about this setting that was covered in the Windows XP Security ... >>> Security Features\Restrict ActiveX Install ... (microsoft.public.windows.group_policy) Re: Locked out of Computer - "Deny logon locally = Administrator" ... Windows 2000 on it. ... How do I access the NTFS security dialog? ... to use Local Security Policy utility to change that XP ... (microsoft.public.win2000.security) Re: Internet Explorer [WILDPACKET] ... I found the link below which may help though there is not a Group Policy ... >> How about this setting that was covered in the Windows XP Security ... >> Security Features\Restrict ActiveX Install ... (microsoft.public.windows.group_policy) Re: ActiveX Self register ... For security reasons, inspite of the object safety interfaces, you will ... SafeForScripting and SafeForInitialization (simply 2 keys in the ... when IE promts to Install it. ... I want to install it or not.I click install but the ActiveX is not ... (microsoft.public.dotnet.framework.aspnet)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.group_policy  > 2005-10