Nap2
asked on
Group Policy: Internet Explorer Maintenance Setting Imported From Source Workstation
I have a question concerning the application of policy settings when imported from a source browser.
I currently have a gpo configured containing security and privacy settings imported into the gpo from a source workstation. One of the requirements that we have is to allow users to have some limited ability to control pop-up blocker settings which are controlled under the privacy options in IE. Even though there are not any sites listed under "allowed sites" in the gpo, I need to allow users the ability to enter sites they wish to allow pop-ups while at the same pushing down security configuration and privacy tab settings.
The policy is set to a manadatory refresh which causes any values set by user to essentially be 'blanked out' since the allowed sites sites list is/was empty when imported from the original source workstation. Is there any way to allow users to enter allowed pop up sites while at the same time enforcing the imported settings from the Security and Privacy tabs? Should we be taking a different approach instead of importing the settings from the browser which appears to not let us have granular control over those particular settings since they were part of the import?
As an alterantive, I was investigating using the Interet Explorer Control Panel to configure settings for the security zone and privacy settings instead but have begun to find that some of the security zone settings for IE are misnamed or completely missing for IE 7. In addition I could not find any place to specify per site privacy handling for cookies. Sorry for the long-winded post, but finding a way around this has been stumping me. Thanks in advance for you help.
I currently have a gpo configured containing security and privacy settings imported into the gpo from a source workstation. One of the requirements that we have is to allow users to have some limited ability to control pop-up blocker settings which are controlled under the privacy options in IE. Even though there are not any sites listed under "allowed sites" in the gpo, I need to allow users the ability to enter sites they wish to allow pop-ups while at the same pushing down security configuration and privacy tab settings.
The policy is set to a manadatory refresh which causes any values set by user to essentially be 'blanked out' since the allowed sites sites list is/was empty when imported from the original source workstation. Is there any way to allow users to enter allowed pop up sites while at the same time enforcing the imported settings from the Security and Privacy tabs? Should we be taking a different approach instead of importing the settings from the browser which appears to not let us have granular control over those particular settings since they were part of the import?
As an alterantive, I was investigating using the Interet Explorer Control Panel to configure settings for the security zone and privacy settings instead but have begun to find that some of the security zone settings for IE are misnamed or completely missing for IE 7. In addition I could not find any place to specify per site privacy handling for cookies. Sorry for the long-winded post, but finding a way around this has been stumping me. Thanks in advance for you help.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.microsoft.com/downloads/details.aspx?FamilyID=11ab3e81-6462-4fda-8ee5-fcb8264c44b1&displaylang=en
I would use the security zones settings under computer configuration vice imported settings, they are much easier to manage. You will be able to control all security settings while at the same time allow users to manage the pop-up blocker.