[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Configuring Internet Explorer Security settings (Security Zones and Content Ratings)

Posted on 2013-02-03
2
Medium Priority
?
798 Views
Last Modified: 2013-02-18
Hi guys I hope you are well and can assist.

We run a mixed environment.

Client side: XP and Win7
Server side: Win 2003 and Win 2008 R2

Historically, we have configured IE security settings and zones within the client build itself, but I dont think this is good practice.

What id like help with is the following:

Let us say for example, I want to add an exception URL that allows a popup to be allowed and not blocked.

How would you guys do this so that this configuration gets applied to your entire fleet?

Ideally this is what I would have thought you would want:

1/ A list of all Security settings in a matrix based on the zones eg:
a) Local Intranet
b) Internet
c) Trusted Sites
d) Restricted Sites
You could perhaps have this in an excel spreadsheet.

2/Somehow import the above settings into a gpo.

3/Apply the gpo from step 2/ to your fleet.

Im trying to work out how to do the following:

a) Quickly get a list of all security settings for IE on a newly built SOE machine
b) Create some kind of template or list that I can use this in AD
c) Use AD to deploy this list INSTEAD of having to put this hardcoded into each new build we do.

If you guys use GPOS for this, can someone please confirm the following for me?

Any help greatly appreciated.
0
Comment
Question by:Simon336697
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 13

Accepted Solution

by:
Jaihunt earned 2000 total points
ID: 38850722
Hi

You can find the all the Group policy settings in the below link.

Group Policy Settings Reference for Windows and Windows Server

http://www.microsoft.com/en-us/download/details.aspx?id=25250

In which server you are using GPMC tool to Add/edit the GPO. Please use Windows server 2008 R2 DC to Add/edit GPO

For Trusted Site:
computer configuration\Administrative templates\Windows Components\ActiveX Installer Service

Configuring trusted website and active x settings for IE7 or Vista and later
http://www.windowstricks.in/2010/11/configuring-trusted-website-and-activex.html

For IE security Settings:
computer configuration\Administrative templates\Windows Components\Internet explorer\Internet control panel\Security Page


Thanks
Jai
0
 
LVL 1

Author Comment

by:Simon336697
ID: 38902989
Thanks jai
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question