Re: HKLM registry key "//system" for Remote Assistance
- From: "Rob Parsons" <iecustomizer@xxxxxxxxxxx>
- Date: Wed, 23 Nov 2005 12:38:00 +1100
Hi Hong.
I am not an XP machine right now so I am only guessing. So here goes
The following is an extract from
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/mangxpsp2/mngieps.mspx
The policy settings for controlling URL Actions are available in both the
Computer Configuration and the User Configuration nodes of Group Policy
Object Editor, in Administrative Templates\Windows Components\Internet
Explorer\Internet Control Panel\Security Page. The URL Actions policy
settings are written to the following registry locations, in these sub-keys
under Zones, \0, \1, \2, \3, and \4:
Note: The line has been split into multiple lines for readability.
However, while trying it out on a system you must enter it as one line
without breaks.
. HKEY_LOCAL_MACHINE\ Software\Policies\Microsoft\Windows\
CurrentVersion\Internet Settings\Zones
. HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\
CurrentVersion\Internet Settings\Zones
You should also understand the Security Features control policy settings.
Some of the URL Action settings are not valid unless the corresponding
Security Features control policy is enabled. Internet Explorer checks to see
if the Security Feature is enabled, and if it is and the Security Feature
uses URL actions, it looks for the setting for the action based on the
security zone of the URL. See "Security Features Control," earlier in this
document.
Now I should think that you have to create a new sub-key under Zones as \5
which will correspond to your named Zone '\\System'. If you have a look at
the other zone registry entries you will see that there is a value there
that has the Zone name. Just follow the structure of the other Zone entries.
gpedit.msc should pick up the new zone (so long it is in numerical sequence)
and display it in the control panel.
"Hong" <Hong@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:AEE8E4BB-845B-41A7-9084-E6F1C3BBFA6C@xxxxxxxxxxxxxxxx
> Internet Explorer 6 on Windows XP
>
> To take precautions against a potential JavaScript Window() Remote Code
> Execution problem, Active Scripting in the Internet Zone was disabled.
> However, this broke the ability to invoke Remote Assistance for remote PCs
on
> Local Intranet.
>
> A workaround was discovered with the creation of a new key "//system" as
>
> [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet
> Settings\ZoneMap\Domains\//system]
> "*"=dword:00000001
>
> or in a different hive
>
> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\In
> ternet Settings\ZoneMap\Domains
>
> What are the implications of this new registry key, as I failed to find
any
> info about this key? Norton AV also created a similar "//system" in HKU
> subhive but with binary data, e.g. "//" "system"
> site:microsoft.public.ineternetexplorer.*
>
> Can this "//system" entry be created for "Zone Assignment List" under the
> GPO Administrative Templates of Internet Control Panel ?
>
> Thanks
>
>
> Hong
>
begin 666 note.gif
M1TE&.#EA"@`*`+/_`(V,C?__S/_,`/\%!?]=7<# P-/3T\# P(6%A0("`@``
M`````````````````````"'Y! $```4`+ `````*``H`0 0H$,AI#AD@Z)U*
AR1HB)(8'<N,7&EJG;JV P4GZ&@D2(";<>HF@,.B)```[
`
end
.
- Prev by Date: Window gains focus but does not come to front
- Next by Date: Re: The Client Authentication dialog box at SSL sites
- Previous by thread: Window gains focus but does not come to front
- Next by thread: Re: Cannot link from OE 6 to IE6
- Index(es):
Relevant Pages
|
