Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

How to deal with GPO in order to accept and install ActiveX without prompt  ?

Posted on 2015-02-05
6
113 Views
Last Modified: 2015-02-05
Hello,
We are looking for a solution - with GPO - that would accept and install activex from a list of choosen URL.

questions :  

1. is there a way to know if a GPO config needs to restart the machine, loggoff and loggin or that would be applied without any intervention not even an gpupdate as we already have notice in our tests.

2. what would be the changes to pass to GPO's ?
as an example : we would like to have activeX from microsoft installed on machines without prompt for accepting it.


thank you in advance for your help.

toshi
0
Comment
Question by:toshi_
  • 4
  • 2
6 Comments
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40590960
1. Navigate to Administrative Tools > Group Policy Management

2.Expand Forest: Domain > Domain > Domain name >Right-Click Default Domain Policy > Edit. Group Policy Management Editor will open.

3. Decide if you want your group policy to be a Computer or User policy. The policy exists on both.

Go to either User or Computer and navigate to Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\ (Then select the zone the webpage loads from: Local Machine, Trusted-Sites, Internet)

4. Find and enable the following:

a. Download Signed ActiveX Controls Enable (Don’t select Prompt)
b. Download UnSigned ActiveX Controls Enable
0
 

Author Comment

by:toshi_
ID: 40591014
Hello Praveen
thank you for your reply.

i came across a post that did the same proposal.

I'm not confortable with the b. part of your proposal as i wuoldn't like to let the Unsigned  activex install without control. i'll be more confortable with adding domain to a list that would accept the activex.

Something that would let us add new web domains when necessary.

Do you know about a solution with sort of Whitelist ?

thank you in advance for further help.
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40591053
You mean you want to add new web sites to trusted sites list.? correct me if I am wrong.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 4

Accepted Solution

by:
Praveen Kumar Bonala earned 500 total points
ID: 40591058
0
 

Author Comment

by:toshi_
ID: 40591093
hello praveen.

yes, i'd like to add web sites (domains) to a level of security that wont ask when an activex need to be install.

If - as your example link - i add let say www.google.com to 1 which is intranet, the active x from google.com will be installed without prompting any question ?  is taht right ?

thx
toshi
0
 
LVL 4

Expert Comment

by:Praveen Kumar Bonala
ID: 40591144
Yes,
in my first answer only we have enabled to install the activex with out prompting for the trusted sites.
and in second ans. we have added sites to trusted sites.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article runs through the process of deploying a single EXE application selectively to a group of user.
Last week, our Skyport webinar on “How to secure your Active Directory” (https://www.experts-exchange.com/videos/5810/Webinar-Is-Your-Active-Directory-as-Secure-as-You-Think.html?cid=Gene_Skyport) provided 218 attendees with a step-by-step guide for…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question