MGS-TECH
asked on
How do edit the Group Policy Preference Item for Internet Explorer 8
Is there a way to do this? I need to edit the file, because it appears that there is a bug in the Internet Explorer 8 preference setting for the "check for server certificate revocation" setting under ''Internet Explorer 8/Advanced/Security/'Check for server certificate revocation''
Even if you uncheck the "Check for server certificate revocation" dialog box, it never changes the decimal value to the default value of 0x00023e00 146944
Here is the scenario when GP is enabled and when it isn't
HKCU\Software\Microsoft\Wi
No Group Policy Enabled
Enabled Check for Publishers certificate revocation Value 0x00023c00 146432
Disabled Check for Publishers certificate revocation Value 0x00023e00 146944
Group Policy Enabled
Disabled Check for Publishers certificate revocation Value 0x000002c9 713
Enabled Check for Publishers certificate revocation Value 0x000000c9 201
Anyways, I need to be able to set this key to either 146432 or 146944 for the above registry key. I can do this without creating the Internet Explorer 8 Preference Setting. As soon as I create the IE8 preference setting, the key changes to the value of 713 or 201.
How do I get this to work?
The reason I need to do this is because of the way that Webex handles the activeX controls when setting up a new meeting.
When it is set to 713 or 201 webex is broken.
146432 or 146944 works fine.
Also, if you are confused I have attached the below link.
http://social.technet.micr
Even if you uncheck the "Check for server certificate revocation" dialog box, it never changes the decimal value to the default value of 0x00023e00 146944
Here is the scenario when GP is enabled and when it isn't
HKCU\Software\Microsoft\Wi
No Group Policy Enabled
Enabled Check for Publishers certificate revocation Value 0x00023c00 146432
Disabled Check for Publishers certificate revocation Value 0x00023e00 146944
Group Policy Enabled
Disabled Check for Publishers certificate revocation Value 0x000002c9 713
Enabled Check for Publishers certificate revocation Value 0x000000c9 201
Anyways, I need to be able to set this key to either 146432 or 146944 for the above registry key. I can do this without creating the Internet Explorer 8 Preference Setting. As soon as I create the IE8 preference setting, the key changes to the value of 713 or 201.
How do I get this to work?
The reason I need to do this is because of the way that Webex handles the activeX controls when setting up a new meeting.
When it is set to 713 or 201 webex is broken.
146432 or 146944 works fine.
Also, if you are confused I have attached the below link.
http://social.technet.micr
ASKER
Even when i manually set the registry key to 146944 for HKCU\Software\Microsoft\Wi
As soon as I add the default Internet Explorer 8 group policy preference item it defaults the above key back to 0x000002c9 713
This happens no matter what I do. It always takes precedence over the GP applied key
As soon as I add the default Internet Explorer 8 group policy preference item it defaults the above key back to 0x000002c9 713
This happens no matter what I do. It always takes precedence over the GP applied key
I thought so, nonetheless, do you have to have the GPO set for that value? since, we can set it up manually via script through GPO.
ASKER
Well I need to be able to use the Internet Explorer 8 preference setting in the GPMC. And I also need this key
HKCU\Software\Microsoft\Wi
to be set to 146944
This is the only way Webex will work. I just got off the phone with them and they will do nothing for me.
I guess anyway I can go about this will work.
Thanks for the help
HKCU\Software\Microsoft\Wi
to be set to 146944
This is the only way Webex will work. I just got off the phone with them and they will do nothing for me.
I guess anyway I can go about this will work.
Thanks for the help
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you for your help. I tried this script which changed the value temporarily and it defaulted back to the value of 713 as soon as the group policy was re-applied with a gpupdate /force.
Please advise.
Thanks
Please advise.
Thanks
You should set that particular gpo internet explorer option as not configured and use the script instead, that way the value will not be modified from the one set through the script.
Use the script via GPO logon script to the OU needed.
Let me know your outcome.
Rgds.
Use the script via GPO logon script to the OU needed.
Let me know your outcome.
Rgds.
ASKER
I think you are a bit confused as to what my configuration is, so let me clarify..
The Group Policy Preference setting for Internet Explorer 7 and 8 is what changes the default values of the key to 713 or 201 instead of the default values of 146432 and 146944 (pre group policy). The only group policy that is set is the below one:
This is located in User Configuration\Preferences\
I want to be able to use the new preference settings so I can configure the Internet Explorer 7 and 8 settings for each user. However,
when this is enabled, it defaults to the values of 713 or 201 for
HKCU\Software\Microsoft\Wi
When I configure it to run your script, it changes the value temporarily and it defaulted back to the value of 713 as soon as the group policy was re-applied with a gpupdate /force
I hope I am explaining this correctly
Thanks
The Group Policy Preference setting for Internet Explorer 7 and 8 is what changes the default values of the key to 713 or 201 instead of the default values of 146432 and 146944 (pre group policy). The only group policy that is set is the below one:
This is located in User Configuration\Preferences\
I want to be able to use the new preference settings so I can configure the Internet Explorer 7 and 8 settings for each user. However,
when this is enabled, it defaults to the values of 713 or 201 for
HKCU\Software\Microsoft\Wi
When I configure it to run your script, it changes the value temporarily and it defaulted back to the value of 713 as soon as the group policy was re-applied with a gpupdate /force
I hope I am explaining this correctly
Thanks
I'm sorry I don't get it quite as well, but my question is, what do you set on GPO that you cannot do through script? since if you set a GPO it is certain that the values are changed automaticaly.
Rgds.
Rgds.
If you see this feasible, let me know in order to write you a code for this.
Awaiting your comments.
Rgds.