chassouna
asked on
How to control IE7 Privacy level with group policy?
In Internet Explorer 7, there's a slider in the internet options tab "Privacy". We need to set the level to "Medium" (which is default) to adjust this setting in all user profiles (TS environment, W2k8 Server). Is there a way to do this with a GPO?
Thank you
Thank you
ASKER
Thanks, but I already took a look at this ADM file. There's no possibility to set the privacy level...
Chris
Chris
Yes, it does, but indirectly...
User Settings --> Windows Components --> Internet Explorer --> Internet Control Panel --> Security Page --> Internet Zone
You can set the policies individually here to be the same as what a "Medium" privacy setting would produce.
User Settings --> Windows Components --> Internet Explorer --> Internet Control Panel --> Security Page --> Internet Zone
You can set the policies individually here to be the same as what a "Medium" privacy setting would produce.
ASKER
So, can you tell me which setting(s) affect the cookie handling? I can't find any.
Chris
Chris
The settings which control cookies are under the HKEY_CURRENT_USER\Software
To accept cookies from a domain, create a new subkey and give it a default DWORD value of 1. For example, to accept cookies from the microsoft.com domain, create the HKEY_CURRENT_USER\Software
You can't use regedit to create a subkey with a default DWORD. (When you create a subkey, regedit automatically creates a default REG_SZ value.) So, use .reg files to create the subkeys. For example, Figure 1 shows the .reg file for creating the microsoft. com subkey.
Then write a batch file that uses the reg. exe utility to read and apply the .reg files. (Reg .exe is built into Windows Server 2003 and is part of the Windows 2000 Support Tools.)
Finally, insert the batch file in a Group Policy Object (GPO) under User Configuration\Window Settings\Script\Logon Scripts.
With this solution, you can allow cookies but prevent users from downloading unwanted and possibly malicious files and ActiveX objects. Because the solution uses Group Policy, it's easy and quick to implement.
Figure-01.jpg
ASKER
Thank you for these instructions, but we don't want the IE to accept cookies from a list of domains. The cookie handling should generally be set to the "medium" level, as shown in the following screenshot of the IE7 privacy tab. Can this be done with GPO?
ie7-privacy.png
ie7-privacy.png
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The "solution" I got was the one that I hoped not to get, because I assumed that there must be another way to handle this.
http://www.ie-vista.com/group_policy.html
Here is the administrative template for IE7 in GPO if you need it:
http://www.microsoft.com/downloads/details.aspx?FamilyID=11ab3e81-6462-4fda-8ee5-fcb8264c44b1&displaylang=en
Justin