Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

How to deal with GPO in order to accept and install ActiveX without prompt  ?

Posted on 2015-02-05
6
Medium Priority
?
141 Views
Last Modified: 2015-02-05
Hello,
We are looking for a solution - with GPO - that would accept and install activex from a list of choosen URL.

questions :  

1. is there a way to know if a GPO config needs to restart the machine, loggoff and loggin or that would be applied without any intervention not even an gpupdate as we already have notice in our tests.

2. what would be the changes to pass to GPO's ?
as an example : we would like to have activeX from microsoft installed on machines without prompt for accepting it.


thank you in advance for your help.

toshi
0
Comment
Question by:toshi_
  • 4
  • 2
6 Comments
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40590960
1. Navigate to Administrative Tools > Group Policy Management

2.Expand Forest: Domain > Domain > Domain name >Right-Click Default Domain Policy > Edit. Group Policy Management Editor will open.

3. Decide if you want your group policy to be a Computer or User policy. The policy exists on both.

Go to either User or Computer and navigate to Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\ (Then select the zone the webpage loads from: Local Machine, Trusted-Sites, Internet)

4. Find and enable the following:

a. Download Signed ActiveX Controls Enable (Don’t select Prompt)
b. Download UnSigned ActiveX Controls Enable
0
 

Author Comment

by:toshi_
ID: 40591014
Hello Praveen
thank you for your reply.

i came across a post that did the same proposal.

I'm not confortable with the b. part of your proposal as i wuoldn't like to let the Unsigned  activex install without control. i'll be more confortable with adding domain to a list that would accept the activex.

Something that would let us add new web domains when necessary.

Do you know about a solution with sort of Whitelist ?

thank you in advance for further help.
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40591053
You mean you want to add new web sites to trusted sites list.? correct me if I am wrong.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 4

Accepted Solution

by:
Praveen Kumar Bonala earned 2000 total points
ID: 40591058
0
 

Author Comment

by:toshi_
ID: 40591093
hello praveen.

yes, i'd like to add web sites (domains) to a level of security that wont ask when an activex need to be install.

If - as your example link - i add let say www.google.com to 1 which is intranet, the active x from google.com will be installed without prompting any question ?  is taht right ?

thx
toshi
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40591144
Yes,
in my first answer only we have enabled to install the activex with out prompting for the trusted sites.
and in second ans. we have added sites to trusted sites.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question