Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Trying to set a GPO for IE Local intranet to be LOW

Posted on 2009-07-06
10
1,622 Views
Last Modified: 2013-12-08
Hi all,
I'm trying to set a GPO so that all computer in the domain have their IE's Local intranet locked to the Low setting. I can't seem to find the right setting to get them to switch from Medium-Low. Can anyone help?

Thanks.
Jon
0
Comment
Question by:Jon DeVito
  • 6
  • 3
10 Comments
 
LVL 3

Author Comment

by:Jon DeVito
ID: 24788293
I'm using Windows 2003 Server.
0
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 24788365
You'll find it under "User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page", "Intranet Zone Template" (or similar, not using an English version. Set it to the Low.
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 24788393
I tried that but it doesnt change anything on the client side. I did a GPUpdate /force too. I was able to figure out how to lock it so the client cant change it, but I still cant set it as low.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 84

Expert Comment

by:oBdA
ID: 24788462
From the server side, you can create a report in the GPMC to find out which policies are applying to the user(s) in question.
From the client side, you can run rsop.msc and/or (form a command line) "gpresult /v".
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 24788473
Yes, the policy is definitely hitting the client but I dont believe changing the template is the right setting to force it on the client.
0
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 24788507
Make sure that the GPO is linked to the correct OU, so it affects the user object when using 'User Configuration'.
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 24788514
Yes it is, I can see the policy being applied to the user.
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 24788740
How silly...the settings did apply!! It just doesnt change the slider bar! Here is the article I used: http://blog.rhysgoodwin.com/windows-admin/ie-gpo-zone-templates-and-the-open-file-security-warning/

oBdA gets the points for showing me to the right GPO. Thanks a lot.

Jon
0
 
LVL 84

Expert Comment

by:oBdA
ID: 24788794
Sorry, was away; I was just about to tell you that the policies won't be reflected in the slider bar (which doesn't check against the policies keys), but you'll see nearly (all) of the settings in rsop.msc under Security Page\Intranet Zone in rsop.msc. If that's the case, then everything went okay. The "templates" are just "shortcuts" that set a bunch of policies at once.
0
 
LVL 3

Author Comment

by:Jon DeVito
ID: 24788895
Gotcha, thanks for the explanation. I had it right for the last 2 hours but didnt think to check, lol.
0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question