Re: Internet Explorer [WILDPACKET]

Tech-Archive recommends: Speed Up your PC by fixing your registry

Hello Steven:

I want to push this registry setting via a GPO and I am not able to do it so
far.

I am trying to do this at the logon but does not work. No errors and policy
does get apply. if I map to SYSVOL fron my test PC and run the BAT file it
does nothing.

Please advise.


"Steven L Umbach" wrote:

> OK. I found the link below which may help though there is not a Group Policy
> setting though you could use a Group Policy logon script to deploy it with a
> ..reg file. --- Steve
>
> http://www.winxptutor.com/lmzunlock.htm
> http://support.microsoft.com/default.aspx?scid=kb;en-us;310516&sd=tech ---
> ..reg files.
>
> To accomplish this via the Registry, modify the following registry value:
>
> HKCU \ Software \ Microsoft \ Internet Explorer \ Main \ FeatureControl \
> FEATURE_LOCALMACHINE_LOCKDOWN
>
> In the right-pane, create a new REG_DWORD named iexplore.exe and set it to 0
>
> Values:
>
> 0 - Allows a Web page to run active content in your computer
> 1 - Disallows a Web page from running active content in your computer
>
>
>
> "WILD PACKET." <mailtomohsin@xxxxxxxxxxx> wrote in message
> news:OvQcI4syFHA.156@xxxxxxxxxxxxxxxxxxxxxxx
> > Did not work either..
> >
> >
> >
> > "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxx> wrote in message
> > news:%23NocPzfyFHA.460@xxxxxxxxxxxxxxxxxxxxxxx
> >> How about this setting that was covered in the Windows XP Security
> >> --- Steve
> >>
> >> Security Features\Restrict ActiveX Install
> >> Use the Group Policy Object Editor to configure the proper Administrative
> >> Template. The prescribed settings are found at the following location:
> >>
> >> Computer Configuration\Administrative Templates\Windows
> >> Components\Internet Explorer\Security Features\Restrict ActiveX Install
> >>
> >> Internet Explorer Processes (Restrict ActiveX Install)
> >> Table A.9: Restrict ActiveX Install Settings
> >>
> >> Enterprise client desktop Enterprise client laptop High security
> >> desktop High security laptop
> >> Recommended
> >> Recommended
> >> Recommended
> >> Recommended
> >>
> >>
> >> The Restrict ActiveX Install\Internet Explorer Processes policy setting
> >> enables blocking of ActiveX control installation prompts for Internet
> >> Explorer processes.
> >>
> >> If you enable this policy setting, prompting for ActiveX control
> >> installations will be blocked for Internet Explorer processes. If you
> >> disable this policy setting, prompting for ActiveX control installations
> >> will not be blocked.
> >>
> >> Users often choose to install software such as ActiveX controls that are
> >> not permitted by company security policy. Such software can pose
> >> significant security and privacy risks to your network. Therefore, this
> >> appendix recommends you configure this policy as Enabled.
> >>
> >>
> >>
> >> "WILDPACKET" <WILDPACKET@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> >> news:1BDCBB97-2033-48EC-8648-D285F4FBC70E@xxxxxxxxxxxxxxxx
> >>> Thank you Steve for your response.
> >>>
> >>> This one do not work.
> >>> configuration/administrative templates/Windows components/Internet
> >>> Explorer/internet control panel/advanced page - allow active content
> >>> from
> >>> cds to run on users machine and set it to enable
> >>>
> >>> This works but also stops from running the content ActiveX. I want the
> >>> content to run w/o user intervention.
> >>>
> >>> The other one that comes to mind is computer
> >>> configuration/administrative templates/Windows components/Internet
> >>> Explorer/security features/local machine lockdown security - Internet
> >>> Explorer Processes - set to disabled
> >>>
> >>> Advise please.
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> "Steven L Umbach" wrote:
> >>>
> >>>> Kind of crazy with all the settings which is good after you find it.
> >>>> Here
> >>>> are a couple that you may want to check out to see if it helps. These
> >>>> may
> >>>> also be under user configuration but look under computer
> >>>> configuration/administrative templates/Windows components/Internet
> >>>> Explorer/internet control panel/advanced page - allow active content
> >>>> from
> >>>> cds to run on users machine and set it to enabled after reading the
> >>>> full
> >>>> description of the setting. The other one that comes to mind is
> >>>> computer
> >>>> configuration/administrative templates/Windows components/Internet
> >>>> Explorer/security features/local machine lockdown security - Internet
> >>>> Explorer Processes - set to disabled after reading full decryption of
> >>>> the
> >>>> setting. You could tests these settings by modifying local Group Policy
> >>>> [gpedit.msc] on a computer to see if it helps assuming there is no
> >>>> overriding GPO at the domain/OU level that has the same setting
> >>>> fined. --- Steve
> >>>>
> >>>>
> >>>> "WILDPACKET" <WILDPACKET@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> >>>> news:65848BB3-C1C4-4CE4-B048-8D7A024063D5@xxxxxxxxxxxxxxxx
> >>>> > Users are receiving this message in the IE after installing SP2 for
> >>>> > XPP.
> >>>> >
> >>>> > "To help protect your security, IE has restricted this file from
> >>>> > showing
> >>>> > active content that could access your computer. Click here for more
> >>>> > options
> >>>> > ....."
> >>>> >
> >>>> > I want to disbale this message via GPO and I cannot seem to find
> >>>> > this
> >>>> > option in the GPO.
> >>>> >
> >>>> > Advise please.
> >>>> >
> >>>> > Thanks in advance.
> >>>>
> >>>>
> >>>>
> >>
> >>
> >
> >
>
>
>
.

Relevant Pages

  • Re: Oh Dear, Where to start?!
    ... > from some of you with appropriate experience in the field of network ... > main focus and priority has been computer security and policy development. ... install certain updates. ...
    (Security-Basics)
  • Re: Locked out of Computer - "Deny logon locally = Administrator"
    ... Windows 2000 on it. ... How do I access the NTFS security dialog? ... to use Local Security Policy utility to change that XP ...
    (microsoft.public.win2000.security)
  • Re: Internet Explorer [WILDPACKET]
    ... I found the link below which may help though there is not a Group Policy ... >> How about this setting that was covered in the Windows XP Security ... >> Security Features\Restrict ActiveX Install ...
    (microsoft.public.windows.group_policy)
  • Re: ActiveX Self register
    ... For security reasons, inspite of the object safety interfaces, you will ... SafeForScripting and SafeForInitialization (simply 2 keys in the ... when IE promts to Install it. ... I want to install it or not.I click install but the ActiveX is not ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: Active X problems was Re: Its COBOL, Jim, but not as we know it...
    ... Here are 16 lines of standard HTML code. ... Here's an ActiveX component embedded in a Web Page... ... local file URL into MSIE and it popped up a security warning. ... install it, but it's nice to know there are options. ...
    (comp.lang.cobol)