Do not prompt for client certificate selection when no certificates or only one certificate exists.
This policy setting allows you to manage whether users are prompted to select a certificate when no certificate or only one certificate exists.
If you enable this policy setting, Internet Explorer does not prompt users with a "Client Authentication" message when they connect to a Web site that has no certificate or only one certificate.
If you disable this policy setting, Internet Explorer prompts users with a "Client Authentication" message when they connect to a Web site that has no certificate or only one certificate.
If you do not configure this policy setting, Internet Explorer prompts users with a Client Authentication message when they connect to a Web site that has no certificate or only one certificate.
Supported on: At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1
Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Enable
Registry Hive HKEY_LOCAL_MACHINE Registry Path Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 Value Name 1A04 Value Type REG_DWORD Value 0 - Disable
Registry Hive HKEY_LOCAL_MACHINE Registry Path Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones\3 Value Name 1A04 Value Type REG_DWORD Value 3
inetres.admx
- Control Panel
- Regional and Language Options
- User Accounts
- Network
- Background Intelligent Transfer Service (BITS)
- Allow BITS Peercaching
- Do not allow the BITS client to use Windows Branch Cache
- Do not allow the computer to act as a BITS Peercaching client
- Do not allow the computer to act as a BITS Peercaching server
- Limit the age of files in the BITS Peercache
- Limit the BITS Peercache size
- Limit the maximum BITS job download time
- Limit the maximum network bandwidth for BITS background transfers
- Limit the maximum network bandwidth used for Peercaching
- Limit the maximum number of BITS jobs for each user
- Limit the maximum number of BITS jobs for this computer
- Limit the maximum number of files allowed in a BITS job
- Limit the maximum number of ranges that can be added to the file in a BITS job
- Set up a maintenance schedule to limit the maximum network bandwidth used for BITS background transfers
- Set up a work schedule to limit the maximum network bandwidth used for BITS background transfers
- Timeout for inactive BITS jobs
- BranchCache
- DNS Client
- Allow DNS Suffix Appending to Unqualified Multi-Label Name Queries
- Connection-Specific DNS Suffix
- DNS Servers
- DNS Suffix Search List
- Dynamic Update
- Primary DNS Suffix Devolution Level
- Primary DNS Suffix Devolution
- Primary DNS Suffix
- Register DNS records with connection-specific DNS suffix
- Register PTR Records
- Registration Refresh Interval
- Replace Addresses In Conflicts
- TTL Set in the A and PTR records
- Turn off Multicast Name Resolution
- Update Security Level
- Update Top Level Domain Zones
- Lanman Server
- Link-Layer Topology Discovery
- Microsoft Peer-to-Peer Networking Services
- Peer Name Resolution Protocol
- Global Clouds
- Link-Local Clouds
- Site-Local Clouds
- Disable password strength validation for Peer Grouping
- Turn off Microsoft Peer-to-Peer Networking Services
- Peer Name Resolution Protocol
- Network Connections
- Windows Defender Firewall
- Domain Profile
- Windows Defender Firewall: Allow ICMP exceptions
- Windows Defender Firewall: Allow inbound file and printer sharing exception
- Windows Defender Firewall: Allow inbound remote administration exception
- Windows Defender Firewall: Allow inbound Remote Desktop exceptions
- Windows Defender Firewall: Allow inbound UPnP framework exceptions
- Windows Defender Firewall: Allow local port exceptions
- Windows Defender Firewall: Allow local program exceptions
- Windows Defender Firewall: Allow logging
- Windows Defender Firewall: Define inbound port exceptions
- Windows Defender Firewall: Define inbound program exceptions
- Windows Defender Firewall: Do not allow exceptions
- Windows Defender Firewall: Prohibit notifications
- Windows Defender Firewall: Prohibit unicast response to multicast or broadcast requests
- Windows Defender Firewall: Protect all network connections
- Standard Profile
- Windows Defender Firewall: Allow ICMP exceptions
- Windows Defender Firewall: Allow inbound file and printer sharing exception
- Windows Defender Firewall: Allow inbound remote administration exception
- Windows Defender Firewall: Allow inbound Remote Desktop exceptions
- Windows Defender Firewall: Allow inbound UPnP framework exceptions
- Windows Defender Firewall: Allow local port exceptions
- Windows Defender Firewall: Allow local program exceptions
- Windows Defender Firewall: Allow logging
- Windows Defender Firewall: Define inbound port exceptions
- Windows Defender Firewall: Define inbound program exceptions
- Windows Defender Firewall: Do not allow exceptions
- Windows Defender Firewall: Prohibit notifications
- Windows Defender Firewall: Prohibit unicast response to multicast or broadcast requests
- Windows Defender Firewall: Protect all network connections
- Windows Defender Firewall: Allow authenticated IPsec bypass
- Domain Profile
- Do not show the "local access only" network icon
- Prohibit installation and configuration of Network Bridge on your DNS domain network
- Prohibit use of Internet Connection Firewall on your DNS domain network
- Require domain users to elevate when setting a network's location
- Route all traffic through the internal network
- Windows Defender Firewall
- Network Connectivity Status Indicator
- Offline Files
- Action on server disconnect
- Administratively assigned offline files
- Allow or Disallow use of the Offline Files feature
- At logoff, delete local copy of user's offline files
- Configure Background Sync
- Configure slow-link mode
- Configure Slow link speed
- Default cache size
- Enable Transparent Caching
- Encrypt the Offline Files cache
- Event logging level
- Exclude files from being cached
- Files not cached
- Initial reminder balloon lifetime
- Limit disk space used by offline files
- Non-default server disconnect actions
- Prevent use of Offline Files folder
- Prohibit 'Make Available Offline' for these file and folders
- Prohibit user configuration of Offline Files
- Reminder balloon frequency
- Reminder balloon lifetime
- Remove 'Make Available Offline'
- Subfolders always available offline
- Synchronize all offline files before logging off
- Synchronize all offline files when logging on
- Synchronize offline files before suspend
- Turn off reminder balloons
- Turn on economical application of administratively assigned Offline Files
- QoS Packet Scheduler
- DSCP value of conforming packets
- DSCP value of non-conforming packets
- Layer-2 priority value
- Limit outstanding packets
- Limit reservable bandwidth
- Set timer resolution
- SNMP
- SSL Configuration Settings
- TCPIP Settings
- Windows Connect Now
- Sets how often a DFS Client discovers DC's
- Background Intelligent Transfer Service (BITS)
- Printers
- Add Printer wizard - Network scan page (Managed network)
- Add Printer wizard - Network scan page (Unmanaged network)
- Allow printers to be published
- Allow Print Spooler to accept client connections
- Allow pruning of published printers
- Always render print jobs on the server
- Automatically publish new printers in Active Directory
- Check published state
- Computer location
- Custom support URL in the Printers folder's left pane
- Directory pruning interval
- Directory pruning priority
- Directory pruning retry
- Disallow installation of printers using kernel-mode drivers
- Execute print drivers in isolated processes
- Extend Point and Print connection to search Windows Update
- Log directory pruning retry events
- Only use Package Point and print
- Override print driver execution compatibility setting reported by print driver
- Package Point and print - Approved servers
- Point and Print Restrictions
- Pre-populate printer search location text
- Printer browsing
- Prune printers that are not automatically republished
- Web-based printing
- System
- Credentials Delegation
- Allow Delegating Default Credentials
- Allow Delegating Default Credentials with NTLM-only Server Authentication
- Allow Delegating Fresh Credentials
- Allow Delegating Fresh Credentials with NTLM-only Server Authentication
- Allow Delegating Saved Credentials
- Allow Delegating Saved Credentials with NTLM-only Server Authentication
- Deny Delegating Default Credentials
- Deny Delegating Fresh Credentials
- Deny Delegating Saved Credentials
- Device Installation
- Device Installation Restrictions
- Allow administrators to override Device Installation Restriction policies
- Allow installation of devices that match any of these device IDs
- Allow installation of devices using drivers that match these device setup classes
- Display a custom message title when device installation is prevented by a policy setting
- Display a custom message when installation is prevented by a policy setting
- Prevent installation of devices not described by other policy settings
- Prevent installation of devices that match any of these device IDs
- Prevent installation of devices using drivers that match these device setup classes
- Prevent installation of removable devices
- Time (in seconds) to force reboot when required for policy changes to take effect
- Allow remote access to the Plug and Play interface
- Configure device installation time-out
- Do not send a Windows error report when a generic driver is installed on a device
- Prevent creation of a system restore point during device activity that would normally prompt creation of a restore point
- Prevent device metadata retrieval from the Internet
- Prevent Windows from sending an error report when a device driver requests additional software during installation
- Prioritize all digitally signed drivers equally during the driver ranking and selection process
- Specify search order for device driver source locations
- Turn off "Found New Hardware" balloons during device installation
- Device Installation Restrictions
- Device Redirection
- Device Redirection Restrictions
- Disk NV Cache
- Disk Quotas
- Distributed COM
- Application Compatibility Settings
- Driver Installation
- Enhanced Storage Access
- Allow Enhanced Storage certificate provisioning
- Allow only USB root hub connected Enhanced Storage devices
- Configure list of Enhanced Storage devices usable on your computer
- Configure list of IEEE 1667 silos usable on your computer
- Do not allow non-Enhanced Storage removable devices
- Do not allow password authentication of Enhanced Storage devices
- Lock Enhanced Storage when the computer is locked
- Filesystem
- Folder Redirection
- Group Policy
- Logging and tracing
- Configure Applications preference logging and tracing
- Configure Data Sources preference logging and tracing
- Configure Devices preference logging and tracing
- Configure Drive Maps preference logging and tracing
- Configure Environment preference logging and tracing
- Configure Files preference logging and tracing
- Configure Folder Options preference logging and tracing
- Configure Folders preference logging and tracing
- Configure Ini Files preference logging and tracing
- Configure Internet Settings preference logging and tracing
- Configure Local Users and Groups preference logging and tracing
- Configure Network Options preference logging and tracing
- Configure Power Options preference logging and tracing
- Configure Printers preference logging and tracing
- Configure Regional Options preference logging and tracing
- Configure Registry preference logging and tracing
- Configure Scheduled Tasks preference logging and tracing
- Configure Services preference logging and tracing
- Configure Shortcuts preference logging and tracing
- Configure Start Menu preference logging and tracing
- Allow asynchronous user Group Policy processing when logging on through Remote Desktop Services
- Allow Cross-Forest User Policy and Roaming User Profiles
- Always use local ADM files for Group Policy Object Editor
- Configure Applications preference extension policy processing
- Configure Data Sources preference extension policy processing
- Configure Devices preference extension policy processing
- Configure Drive Maps preference extension policy processing
- Configure Environment preference extension policy processing
- Configure Files preference extension policy processing
- Configure Folder Options preference extension policy processing
- Configure Folders preference extension policy processing
- Configure Ini Files preference extension policy processing
- Configure Internet Settings preference extension policy processing
- Configure Local Users and Groups preference extension policy processing
- Configure Network Options preference extension policy processing
- Configure Power Options preference extension policy processing
- Configure Printers preference extension policy processing
- Configure Regional Options preference extension policy processing
- Configure Registry preference extension policy processing
- Configure Scheduled Tasks preference extension policy processing
- Configure Services preference extension policy processing
- Configure Shortcuts preference extension policy processing
- Configure Start Menu preference extension policy processing
- Disallow Interactive Users from generating Resultant Set of Policy data
- Disk Quota policy processing
- EFS recovery policy processing
- Folder Redirection policy processing
- Group Policy refresh interval for computers
- Group Policy refresh interval for domain controllers
- Group Policy slow link detection
- Internet Explorer Maintenance policy processing
- IP Security policy processing
- Registry policy processing
- Remove users ability to invoke machine policy refresh
- Scripts policy processing
- Security policy processing
- Software Installation policy processing
- Startup policy processing wait time
- Turn off background refresh of Group Policy
- Turn off Local Group Policy objects processing
- Turn off Resultant Set of Policy logging
- User Group Policy loopback processing mode
- Wired policy processing
- Wireless policy processing
- Logging and tracing
- Internet Communication Management
- Internet Communication settings
- Turn off access to all Windows Update features
- Turn off Automatic Root Certificates Update
- Turn off downloading of print drivers over HTTP
- Turn off Event Viewer "Events.asp" links
- Turn off handwriting personalization data sharing
- Turn off handwriting recognition error reporting
- Turn off Help and Support Center "Did you know?" content
- Turn off Help and Support Center Microsoft Knowledge Base search
- Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com
- Turn off Internet download for Web publishing and online ordering wizards
- Turn off Internet File Association service
- Turn off printing over HTTP
- Turn off Registration if URL connection is referring to Microsoft.com
- Turn off Search Companion content file updates
- Turn off the "Order Prints" picture task
- Turn off the "Publish to Web" task for files and folders
- Turn off the Windows Messenger Customer Experience Improvement Program
- Turn off Windows Customer Experience Improvement Program
- Turn off Windows Error Reporting
- Turn off Windows Network Connectivity Status Indicator active tests
- Turn off Windows Update device driver searching
- Restrict Internet communication
- Internet Communication settings
- iSCSI
- General iSCSI
- iSCSI Security
- iSCSI Target Discovery
- KDC
- Kerberos
- Locale Services
- Logon
- Always use classic logon
- Always use custom logon background
- Always wait for the network at computer startup and logon
- Assign a default domain for logon
- Don't display the Getting Started welcome screen at logon
- Do not process the legacy run list
- Do not process the run once list
- Exclude credential providers
- Hide entry points for Fast User Switching
- Run these programs at user logon
- Turn off Windows Startup Sound
- Net Logon
- DC Locator DNS Records
- Automated Site Coverage by the DC Locator DNS SRV Records
- DC Locator DNS records not registered by the DCs
- Domain Controller Address Type Returned
- Do not process incoming mailslot messages used for domain controller location based on NetBIOS domain names
- Dynamic Registration of the DC Locator DNS Records
- Force Rediscovery Interval
- Location of the DCs hosting a domain with single label DNS name
- Priority Set in the DC Locator DNS SRV Records
- Refresh Interval of the DC Locator DNS Records
- Sites Covered by the Application Directory Partition Locator DNS SRV Records
- Sites Covered by the DC Locator DNS SRV Records
- Sites Covered by the GC Locator DNS SRV Records
- Try Next Closest Site
- TTL Set in the DC Locator DNS Records
- Weight Set in the DC Locator DNS SRV Records
- Allow cryptography algorithms compatible with Windows NT 4.0
- Contact PDC on logon failure
- Expected dial-up delay on logon
- Final DC Discovery Retry Setting for Background Callers
- Initial DC Discovery Retry Setting for Background Callers
- Log File Debug Output Level
- Maximum DC Discovery Retry Interval Setting for Background Callers
- Maximum Log File Size
- Negative DC Discovery Cache Setting
- Positive Periodic DC Cache Refresh for Background Callers
- Positive Periodic DC Cache Refresh for Non-Background Callers
- Scavenge Interval
- Site Name
- DC Locator DNS Records
- Performance Control Panel
- Power Management
- Button Settings
- Select the lid switch action (on battery)
- Select the lid switch action (plugged in)
- Select the Power button action (on battery)
- Select the Power button action (plugged in)
- Select the Sleep button action (on battery)
- Select the Sleep button action (plugged in)
- Select the Start menu Power button action (on battery)
- Select the Start menu Power button action (plugged in)
- Hard Disk Settings
- Notification Settings
- Sleep Settings
- Allow applications to prevent automatic sleep (on battery)
- Allow applications to prevent automatic sleep (plugged in)
- Allow automatic sleep with Open Network Files (on battery)
- Allow automatic sleep with Open Network Files (plugged in)
- Allow standby states (S1-S3) when sleeping (on battery)
- Allow standby states (S1-S3) when sleeping (plugged in)
- Require a password when a computer wakes (on battery)
- Require a password when a computer wakes (plugged in)
- Specify the system hibernate timeout (on battery)
- Specify the system hibernate timeout (plugged in)
- Specify the system sleep timeout (on battery)
- Specify the system sleep timeout (plugged in)
- Specify the unattended sleep timeout (on battery)
- Specify the unattended sleep timeout (plugged in)
- Turn off hybrid sleep (on battery)
- Turn off hybrid sleep (plugged in)
- Turn on the ability for applications to prevent sleep transitions (on battery)
- Turn on the ability for applications to prevent sleep transitions (plugged in)
- Video and Display Settings
- Reduce display brightness (on battery)
- Reduce display brightness (plugged in)
- Specify the display dim brightness (on battery)
- Specify the display dim brightness (plugged in)
- Turn off adaptive display timeout (on battery)
- Turn off adaptive display timeout (plugged in)
- Turn off the display (on battery)
- Turn off the display (plugged in)
- Turn on desktop background slideshow (on battery)
- Turn on desktop background slideshow (plugged in)
- Select an active power plan
- Specify a custom active power plan
- Button Settings
- Recovery
- Remote Assistance
- Remote Procedure Call
- Removable Storage Access
- All Removable Storage: Allow direct access in remote sessions
- All Removable Storage classes: Deny all access
- CD and DVD: Deny execute access
- CD and DVD: Deny read access
- CD and DVD: Deny write access
- Custom Classes: Deny read access
- Custom Classes: Deny write access
- Floppy Drives: Deny execute access
- Floppy Drives: Deny read access
- Floppy Drives: Deny write access
- Removable Disks: Deny execute access
- Removable Disks: Deny read access
- Removable Disks: Deny write access
- Tape Drives: Deny execute access
- Tape Drives: Deny read access
- Tape Drives: Deny write access
- Time (in seconds) to force reboot
- WPD Devices: Deny read access
- WPD Devices: Deny write access
- Scripts
- Allow logon scripts when NetBIOS or WINS is disabled
- Maximum wait time for Group Policy scripts
- Run logon scripts synchronously
- Run shutdown scripts visible
- Run startup scripts asynchronously
- Run startup scripts visible
- Run Windows PowerShell scripts first at computer startup, shutdown
- Run Windows PowerShell scripts first at user logon, logoff
- Server Manager
- Shutdown Options
- System Restore
- Troubleshooting and Diagnostics
- Application Compatibility Diagnostics
- Detect application failures caused by deprecated COM objects
- Detect application failures caused by deprecated Windows DLLs
- Detect application installers that need to be run as administrator
- Detect application install failures
- Detect applications unable to launch installers under UAC
- Notify blocked drivers
- Corrupted File Recovery
- Disk Diagnostic
- Fault Tolerant Heap
- Microsoft Support Diagnostic Tool
- MSI Corrupted File Recovery
- Scheduled Maintenance
- Scripted Diagnostics
- Configure Security Policy for Scripted Diagnostics
- Troubleshooting: Allow users to access and run Troubleshooting Wizards
- Troubleshooting: Allow users to access online troubleshooting content on Microsoft servers from the Troubleshooting Control Panel (via the Windows Online Troubleshooting Service - WOTS)
- Windows Boot Performance Diagnostics
- Windows Memory Leak Diagnosis
- Windows Performance PerfTrack
- Windows Resource Exhaustion Detection and Resolution
- Windows Shutdown Performance Diagnostics
- Windows Standby/Resume Performance Diagnostics
- Windows System Responsiveness Performance Diagnostics
- Diagnostics: Configure scenario execution level
- Diagnostics: Configure scenario retention
- Application Compatibility Diagnostics
- Trusted Platform Module Services
- User Profiles
- Add the Administrators security group to roaming user profiles
- Background upload of a roaming user profile's registry file while user is logged on
- Delete cached copies of roaming profiles
- Delete user profiles older than a specified number of days on system restart
- Do not check for user ownership of Roaming Profile Folders
- Do not detect slow network connections
- Do not forcefully unload the users registry at user logoff
- Do not log users on with temporary profiles
- Leave Windows Installer and Group Policy Software Installation Data
- Maximum retries to unload and update user profile
- Only allow local user profiles
- Prevent Roaming Profile changes from propagating to the server
- Prompt user when a slow network connection is detected
- Set maximum wait time for the network if a user has a roaming user profile or remote home directory
- Set roaming profile path for all users logging onto this computer
- Slow network connection timeout for user profiles
- Timeout for dialog boxes
- Wait for remote user profile
- Windows File Protection
- Windows HotStart
- Windows Time Service
- Activate Shutdown Event Tracker System State Data feature
- Allow Distributed Link Tracking clients to use domain resources
- Display Shutdown Event Tracker
- Do not automatically encrypt files moved to encrypted folders
- Do not display Manage Your Server page at logon
- Do not turn off system power after a Windows system shutdown has occurred.
- Download missing COM components
- Enable Persistent Time Stamp
- Remove Boot / Shutdown / Logon / Logoff status messages
- Restrict potentially unsafe HTML Help functions to specified folders
- Restrict these programs from being launched from Help
- Specify Windows installation file location
- Specify Windows Service Pack installation file location
- Turn off Data Execution Prevention for HTML Help Executible
- Verbose vs normal status messages
- Credentials Delegation
- Windows Components
- Active Directory Federation Services
- ActiveX Installer Service
- Add features to Windows 8.1
- Application Compatibility
- AutoPlay Policies
- Backup
- Client
- Prevent backing up to local disks
- Prevent backing up to network location
- Prevent backing up to optical media (CD/DVD)
- Prevent the user from running the Backup Status and Configuration program
- Turn off restore functionality
- Turn off the ability to back up data files
- Turn off the ability to create a system image
- Server
- Client
- Biometrics
- BitLocker Drive Encryption
- Fixed Data Drives
- Allow access to BitLocker-protected fixed data drives from earlier versions of Windows
- Choose how BitLocker-protected fixed drives can be recovered
- Configure use of passwords for fixed data drives
- Configure use of smart cards on fixed data drives
- Deny write access to fixed drives not protected by BitLocker
- Operating System Drives
- Allow enhanced PINs for startup
- Choose how BitLocker-protected operating system drives can be recovered
- Configure minimum PIN length for startup
- Configure TPM platform validation profile
- Require additional authentication at startup (Windows Server 2008 and Windows Vista)
- Require additional authentication at startup
- Removable Data Drives
- Allow access to BitLocker-protected removable data drives from earlier versions of Windows
- Choose how BitLocker-protected removable drives can be recovered
- Configure use of passwords for removable data drives
- Configure use of smart cards on removable data drives
- Control use of BitLocker on removable drives
- Deny write access to removable drives not protected by BitLocker
- Choose default folder for recovery password
- Choose drive encryption method and cipher strength
- Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista)
- Prevent memory overwrite on restart
- Provide the unique identifiers for your organization
- Store BitLocker recovery information in Active Directory Domain Services(Windows Server 2008 and Windows Vista)
- Validate smart card certificate usage rule compliance
- Fixed Data Drives
- Credential User Interface
- Desktop Gadgets
- Desktop Window Manager
- Digital Locker
- Event Forwarding
- Event Log Service
- Application
- Security
- Setup
- System
- Event Viewer
- Game Explorer
- HomeGroup
- Internet Explorer
- Accelerators
- Application Compatibility
- Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt
- Compatibility View
- Corporate Settings
- Delete Browsing History
- Configure Delete Browsing History on exit
- Disable "Configuring History"
- Prevent Deleting Cookies
- Prevent Deleting Favorites Site Data
- Prevent Deleting Form Data
- Prevent Deleting InPrivate Filtering data
- Prevent Deleting Passwords
- Prevent Deleting Temporary Internet Files
- Prevent Deleting Web sites that the User has Visited
- Prevent the deletion of temporary Internet files and cookies
- Turn off "Delete Browsing History" functionality
- InPrivate
- Internet Control Panel
- Advanced Page
- Allow active content from CDs to run on user machines
- Allow Install On Demand (except Internet Explorer)
- Allow Install On Demand (Internet Explorer)
- Allow software to run or install even if the signature is invalid
- Allow third-party browser extensions
- Automatically check for Internet Explorer updates
- Check for server certificate revocation
- Check for signatures on downloaded programs
- Do not allow resetting Internet Explorer settings
- Do not save encrypted pages to disk
- Empty Temporary Internet Files folder when browser is closed
- Play animations in web pages
- Play sounds in web pages
- Play videos in web pages
- Turn off ClearType
- Turn off Encryption Support
- Turn off Profile Assistant
- Turn on Caret Browsing support
- Use HTTP 1.1 through proxy connections
- Use HTTP 1.1
- Security Page
- Internet Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Intranet Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Local Machine Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Internet Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Intranet Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Local Machine Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Restricted Sites Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Trusted Sites Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Restricted Sites Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Trusted Sites Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Internet Zone Template
- Intranet Sites: Include all local (intranet) sites not listed in other zones
- Intranet Sites: Include all network paths (UNCs)
- Intranet Sites: Include all sites that bypass the proxy server
- Intranet Zone Template
- Local Machine Zone Template
- Locked-Down Internet Zone Template
- Locked-Down Intranet Zone Template
- Locked-Down Local Machine Zone Template
- Locked-Down Restricted Sites Zone Template
- Locked-Down Trusted Sites Zone Template
- Restricted Sites Zone Template
- Site to Zone Assignment List
- Trusted Sites Zone Template
- Turn on automatic detection of the intranet
- Turn on Information bar notification for intranet content
- Turn on Warn about Certificate Address Mismatch
- Internet Zone
- Disable the Advanced page
- Disable the Connections page
- Disable the Content page
- Disable the General page
- Disable the Privacy page
- Disable the Programs page
- Disable the Security page
- Prevent ignoring certificate errors
- Send internationalized domain names
- Use UTF-8 for mailto links
- Advanced Page
- Internet Settings
- AutoComplete
- Component Updates
- Help Menu > About Internet Explorer
- Periodic check for updates to Internet Explorer and Internet Tools
- Security Features
- Add-on Management
- AJAX
- Binary Behavior Security Restriction
- Consistent Mime Handling
- Information Bar
- Local Machine Zone Lockdown Security
- Mime Sniffing Safety Feature
- MK Protocol Security Restriction
- Network Protocol Lockdown
- Object Caching Protection
- Protection From Zone Elevation
- Restrict ActiveX Install
- Restrict File Download
- Scripted Window Security Restrictions
- Turn off Data Execution Prevention
- Turn off Data URI Support
- Toolbars
- Add a specific list of search providers to the user's search provider list
- Configure new tab page default behavior
- Customize User Agent String
- Disable Automatic Install of Internet Explorer components
- Disable changing Automatic Configuration settings
- Disable changing connection settings
- Disable changing proxy settings
- Disable Per-User Installation of ActiveX Controls
- Disable Periodic Check for Internet Explorer software updates
- Disable showing the splash screen
- Disable software update shell notifications on program launch
- Do not allow users to enable or disable add-ons
- Enforce Full Screen Mode
- Make proxy settings per-machine (rather than per-user)
- Only use the ActiveX Installer Service for installation of ActiveX Controls
- Pop-up allow list
- Prevent "Fix settings" functionality
- Prevent Bypassing SmartScreen Filter Warnings
- Prevent Internet Explorer Search box from displaying
- Prevent participation in the Customer Experience Improvement Program
- Prevent performance of First Run Customize settings
- Restrict changing the default search provider
- Restrict search providers to a specific list of providers
- Security Zones: Do not allow users to add/delete sites
- Security Zones: Do not allow users to change policies
- Security Zones: Use only machine settings
- Set tab process growth
- Turn off ActiveX opt-in prompt
- Turn off Automatic Crash Recovery Prompt
- Turn off configuration of default behavior of new tab creation
- Turn off configuration of tabbed browsing pop-up behavior
- Turn off configuration of window reuse
- Turn off Crash Detection
- Turn off displaying the Internet Explorer Help Menu
- Turn off Favorites bar
- Turn off Managing Phishing filter
- Turn off Managing Pop-up Allow list
- Turn off managing Pop-up filter level
- Turn off Managing SmartScreen Filter
- Turn off page zooming functionality
- Turn off pop-up management
- Turn off Quick Tabs functionality
- Turn off Reopen Last Browsing Session
- Turn off suggestions for all user-installed providers
- Turn off tabbed browsing
- Turn off the activation of the quick pick menu
- Turn off the auto-complete feature for web addresses
- Turn off the Security Settings Check feature
- Turn on Compatibility Logging
- Turn on menu bar by default
- Internet Information Services
- Location and Sensors
- NetMeeting
- Network Access Protection
- Network Projector
- Online Assistance
- Parental Controls
- Password Synchronization
- Set the interval between synchronization retries for Password Synchronization
- Set the number of synchronization retries for servers running Password Synchronization
- Turn on extensive logging for Password Synchronization
- Turn on the Windows to NIS password synchronization for users that have been migrated to Active Directory
- Pošta Windows
- Presentation Settings
- Remote Desktop Services
- RD Licensing
- Remote Desktop Connection Client
- RemoteFX USB Device Redirection
- Allow .rdp files from unknown publishers
- Allow .rdp files from valid publishers and user's default .rdp settings
- Configure server authentication for client
- Do not allow passwords to be saved
- Prompt for credentials on the client computer
- Specify SHA1 thumbprints of certificates representing trusted .rdp publishers
- Turn Off UDP On Client
- Remote Desktop Session Host
- Application Compatibility
- Connections
- Allow remote start of unlisted programs
- Allow users to connect remotely using Remote Desktop Services
- Automatic reconnection
- Configure keep-alive connection interval
- Deny logoff of an administrator logged in to the console session
- Limit number of connections
- Restrict Remote Desktop Services users to a single Remote Desktop Services session
- Select network detection on the server
- Select RDP transport protocols
- Set rules for remote control of Remote Desktop Services user sessions
- Turn off Fair Share CPU Scheduling
- Device and Resource Redirection
- Allow audio and video playback redirection
- Allow audio recording redirection
- Allow time zone redirection
- Do not allow clipboard redirection
- Do not allow COM port redirection
- Do not allow drive redirection
- Do not allow LPT port redirection
- Do not allow smart card device redirection
- Do not allow supported Plug and Play device redirection
- Limit audio playback quality
- Licensing
- Printer Redirection
- Profiles
- RD Connection Broker
- Remote Session Environment
- Allow desktop composition for remote desktop sessions
- Always show desktop on connection
- Configure image quality for RemoteFX Adaptive Graphics
- Configure RemoteFX Adaptive Graphics
- Configure RemoteFX
- Do not allow font smoothing
- Enable Remote Desktop Protocol 8.0
- Enforce Removal of Remote Desktop Wallpaper
- Limit maximum color depth
- Limit maximum display resolution
- Limit maximum number of monitors
- Optimize visual experience for Remote Desktop Services sessions
- Optimize visual experience when using RemoteFX
- Remove "Disconnect" option from Shut Down dialog
- Remove Windows Security item from Start menu
- Set compression algorithm for RDP data
- Start a program on connection
- Security
- Always prompt for password upon connection
- Do not allow local administrators to customize permissions
- Require secure RPC communication
- Require use of specific security layer for remote (RDP) connections
- Require user authentication for remote connections by using Network Level Authentication
- Server Authentication Certificate Template
- Set client connection encryption level
- Session Time Limits
- Temporary folders
- RSS Feeds
- Search
- OCR
- Add primary intranet search location
- Add secondary intranet search locations
- Allow indexing of encrypted files
- Allow use of diacritics
- Control rich previews for attachments
- Default excluded paths
- Default indexed paths
- Disable indexer backoff
- Do not allow web search
- Enable indexing of online delegate mailboxes
- Enable indexing uncached Exchange folders
- Enable throttling for online mail indexing
- Indexer data location
- Prevent adding UNC locations to index from Control Panel
- Prevent adding user-specified locations to the All Locations menu
- Prevent clients from querying the index remotely
- Prevent customization of indexed locations in Control Panel
- Prevent displaying advanced indexing options in Control Panel
- Prevent indexing certain paths
- Prevent indexing e-mail attachments
- Prevent indexing files in offline files cache
- Prevent indexing Microsoft Office Outlook
- Prevent indexing of certain file types
- Prevent indexing public folders
- Prevent indexing when running on battery power to conserve energy
- Prevent unwanted iFilters and protocol handlers
- Preview pane location
- Set large or small icon view in desktop search results
- Stop indexing in the event of limited hard drive space
- Security Center
- Server for NIS
- Shutdown Options
- Smart Card
- Allow certificates with no extended key usage certificate attribute
- Allow ECC certificates to be used for logon and authentication
- Allow Integrated Unblock screen to be displayed at the time of logon
- Allow signature keys valid for Logon
- Allow time invalid certificates
- Allow user name hint
- Configure root certificate clean up
- Display string when smart card is blocked
- Filter duplicate logon certificates
- Force the reading of all certificates from the smart card
- Notify user of successful smart card driver installation
- Prevent plaintext PINs from being returned by Credential Manager
- Reverse the subject name stored in a certificate when displaying
- Turn on certificate propagation from smart card
- Turn on root certificate propagation from smart card
- Turn on Smart Card Plug and Play service
- Sound Recorder
- Tablet PC
- Accessories
- Cursors
- Handwriting personalization
- Hardware Buttons
- Input Panel
- Disable text prediction
- For tablet pen input, don't show the Input Panel icon
- For touch input, don't show the Input Panel icon
- Include rarely used Chinese, Kanji, or Hanja characters
- Prevent Input Panel tab from appearing
- Switch to the Simplified Chinese (PRC) gestures
- Turn off AutoComplete integration with Input Panel
- Turn off password security in Input Panel
- Turn off tolerant and Z-shaped scratch-out gestures
- Pen Flicks Learning
- Pen UX Behaviors
- Tablet PC Pen Training
- Touch Input
- Task Scheduler
- Windows Calendar
- Windows Color System
- Windows Customer Experience Improvement Program
- Windows Defender
- Check for New Signatures Before Scheduled Scans
- Configure Microsoft SpyNet Reporting
- Turn off Real-Time Monitoring
- Turn off Routinely Taking Action
- Turn off Windows Defender
- Turn on definition updates through both WSUS and the Microsoft Malware Protection Center
- Turn on definition updates through both WSUS and Windows Update
- Windows Error Reporting
- Advanced Error Reporting Settings
- Configure Corporate Windows Error Reporting
- Configure Report Archive
- Configure Report Queue
- Default application reporting settings
- List of applications to always report errors for
- List of applications to be excluded
- List of applications to never report errors for
- Report operating system errors
- Report unplanned shutdown events
- Consent
- Configure Error Reporting
- Disable Logging
- Disable Windows Error Reporting
- Display Error Notification
- Do not send additional data
- Prevent display of the user interface for critical errors
- Advanced Error Reporting Settings
- Windows Explorer
- Previous Versions
- Disable binding directly to IPropertySetStorage without intermediate layers.
- Set a support web page link
- Turn off Data Execution Prevention for Explorer
- Turn off heap termination on corruption
- Turn off numerical sorting in Windows Explorer
- Turn off shell protocol protected mode
- Verify old and new Folder Redirection targets point to the same share before redirecting
- Windows Installer
- Allow admin to install from Remote Desktop Services session
- Always install with elevated privileges
- Baseline file cache maximum size
- Cache transforms in secure location on workstation
- Disable IE security prompt for Windows Installer scripts
- Disable logging via package settings
- Disable Windows Installer
- Enable user control over installs
- Enable user to browse for source while elevated
- Enable user to patch elevated products
- Enable user to use media source while elevated
- Enforce upgrade component rules
- Logging
- Prohibit Flyweight Patching
- Prohibit non-administrators from applying vendor signed updates
- Prohibit patching
- Prohibit removal of updates
- Prohibit rollback
- Prohibit Use of Restart Manager
- Prohibit User Installs
- Remove browse dialog box for new source
- Turn off creation of System Restore Checkpoints
- Windows Logon Options
- Windows Media Center
- Windows Media Digital Rights Management
- Windows Media Player
- Windows Messenger
- Windows Mobility Center
- Windows Reliability Analysis
- Windows Remote Management (WinRM)
- WinRM Client
- WinRM Service
- Allow automatic configuration of listeners
- Allow Basic authentication
- Allow CredSSP authentication
- Allow unencrypted traffic
- Disallow Kerberos authentication
- Disallow Negotiate authentication
- Specify channel binding token hardening level
- Turn On Compatibility HTTP Listener
- Turn On Compatibility HTTPS Listener
- Windows Remote Shell
- Windows SideShow
- Windows System Resource Manager
- Windows Update
- Allow Automatic Updates immediate installation
- Allow non-administrators to receive update notifications
- Allow signed updates from an intranet Microsoft update service location
- Automatic Updates detection frequency
- Configure Automatic Updates
- Delay Restart for scheduled installations
- Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box
- Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box
- Enable client-side targeting
- Enabling Windows Update Power Management to automatically wake up the system to install scheduled updates
- No auto-restart with logged on users for scheduled automatic updates installations
- Re-prompt for restart with scheduled installations
- Reschedule Automatic Updates scheduled installations
- Specify intranet Microsoft update service location
- Turn on recommended updates via Automatic Updates
- Turn on Software Notifications
- Control Panel
- Add or Remove Programs
- Go directly to Components Wizard
- Hide Add/Remove Windows Components page
- Hide Add New Programs page
- Hide Change or Remove Programs page
- Hide the "Add a program from CD-ROM or floppy disk" option
- Hide the "Add programs from Microsoft" option
- Hide the "Add programs from your network" option
- Hide the Set Program Access and Defaults page
- Remove Add or Remove Programs
- Remove Support Information
- Specify default category for Add New Programs
- Display
- Personalization
- Enable screen saver
- Force a specific visual style file or force Windows Classic
- Force specific screen saver
- Load a specific theme
- Password protect the screen saver
- Prevent changing color scheme
- Prevent changing desktop background
- Prevent changing desktop icons
- Prevent changing mouse pointers
- Prevent changing screen saver
- Prevent changing sounds
- Prevent changing theme
- Prevent changing visual style for windows and buttons
- Prevent changing window color and appearance
- Prohibit selection of visual style font size
- Screen saver timeout
- Printers
- Programs
- Regional and Language Options
- Hide Regional and Language Options administrative options
- Hide the geographic location option
- Hide the select language group options
- Hide user locale selection and customization options
- Restrict selection of Windows menus and dialogs language
- Restricts the UI languages Windows should use for the selected user
- Always open All Control Panel Items when opening Control Panel
- Hide specified Control Panel items
- Prohibit access to Control Panel and PC settings
- Show only specified Control Panel items
- Add or Remove Programs
- Desktop
- Active Directory
- Desktop
- Don't save settings at exit
- Do not add shares of recently opened documents to Network Locations
- Hide and disable all items on the desktop
- Hide Internet Explorer icon on desktop
- Hide Network Locations icon on desktop
- Prevent adding, dragging, dropping and closing the Taskbar's toolbars
- Prohibit adjusting desktop toolbars
- Prohibit User from manually redirecting Profile Folders
- Remove Computer icon on the desktop
- Remove My Documents icon on the desktop
- Remove Properties from the Computer icon context menu
- Remove Properties from the Documents icon context menu
- Remove Properties from the Recycle Bin context menu
- Remove Recycle Bin icon from desktop
- Remove the Desktop Cleanup Wizard
- Turn off Aero Shake window minimizing mouse gesture
- Network
- Network Connections
- Ability to change properties of an all user remote access connection
- Ability to delete all user remote access connections
- Ability to Enable/Disable a LAN connection
- Ability to rename all user remote access connections
- Ability to rename LAN connections
- Ability to rename LAN connections or remote access connections available to all users
- Enable Windows 2000 Network Connections settings for Administrators
- Prohibit access to properties of a LAN connection
- Prohibit access to properties of components of a LAN connection
- Prohibit access to properties of components of a remote access connection
- Prohibit access to the Advanced Settings item on the Advanced menu
- Prohibit access to the New Connection Wizard
- Prohibit access to the Remote Access Preferences item on the Advanced menu
- Prohibit adding and removing components for a LAN or remote access connection
- Prohibit changing properties of a private remote access connection
- Prohibit connecting and disconnecting a remote access connection
- Prohibit deletion of remote access connections
- Prohibit Enabling/Disabling components of a LAN connection
- Prohibit renaming private remote access connections
- Prohibit TCP/IP advanced configuration
- Prohibit viewing of status for an active connection
- Turn off notifications when a connection has only limited or no connectivity
- Offline Files
- Action on server disconnect
- Administratively assigned offline files
- Event logging level
- Initial reminder balloon lifetime
- Non-default server disconnect actions
- Prevent use of Offline Files folder
- Prohibit 'Make Available Offline' for these file and folders
- Prohibit user configuration of Offline Files
- Reminder balloon frequency
- Reminder balloon lifetime
- Remove 'Make Available Offline'
- Synchronize all offline files before logging off
- Synchronize all offline files when logging on
- Synchronize offline files before suspend
- Turn off reminder balloons
- Windows Connect Now
- Network Connections
- Start Menu and Taskbar
- Add "Run in Separate Memory Space" check box to Run dialog box
- Add Logoff to the Start Menu
- Add Search Internet link to Start Menu
- Add the Run command to the Start Menu
- Change Start Menu power button
- Clear history of recently opened documents on exit
- Clear the recent programs list for new users
- Do not allow pinning items in Jump Lists
- Do not allow pinning programs to the Taskbar
- Do not display any custom toolbars in the taskbar
- Do not display or track items in Jump Lists from remote locations
- Do not keep history of recently opened documents
- Do not search communications
- Do not search for files
- Do not search Internet
- Do not search programs and Control Panel items
- Do not use the search-based method when resolving shell shortcuts
- Do not use the tracking-based method when resolving shell shortcuts
- Force classic Start Menu
- Gray unavailable Windows Installer programs Start Menu shortcuts
- Hide the notification area
- Lock all taskbar settings
- Lock the Taskbar
- Prevent changes to Taskbar and Start Menu Settings
- Prevent grouping of taskbar items
- Prevent users from adding or removing toolbars
- Prevent users from moving taskbar to another screen dock location
- Prevent users from rearranging toolbars
- Prevent users from resizing the taskbar
- Remove access to the context menus for the taskbar
- Remove All Programs list from the Start menu
- Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commands
- Remove Balloon Tips on Start Menu items
- Remove Clock from the system notification area
- Remove common program groups from Start Menu
- Remove Default Programs link from the Start menu.
- Remove Documents icon from Start Menu
- Remove Downloads link from Start Menu
- Remove drag-and-drop and context menus on the Start Menu
- Remove Favorites menu from Start Menu
- Remove frequent programs list from the Start Menu
- Remove Games link from Start Menu
- Remove Help menu from Start Menu
- Remove Homegroup link from Start Menu
- Remove links and access to Windows Update
- Remove Logoff on the Start Menu
- Remove Music icon from Start Menu
- Remove Network Connections from Start Menu
- Remove Network icon from Start Menu
- Remove Pictures icon from Start Menu
- Remove pinned programs from the Taskbar
- Remove pinned programs list from the Start Menu
- Remove programs on Settings menu
- Remove Recent Items menu from Start Menu
- Remove Recorded TV link from Start Menu
- Remove Run menu from Start Menu
- Remove Search Computer link
- Remove Search link from Start Menu
- Remove See More Results / Search Everywhere link
- Remove the "Undock PC" button from the Start Menu
- Remove the Action Center icon
- Remove the battery meter
- Remove the networking icon
- Remove the volume control icon
- Remove user's folders from the Start Menu
- Remove user folder link from Start Menu
- Remove user name from Start Menu
- Remove Videos link from Start Menu
- Show QuickLaunch on Taskbar
- Turn off all balloon notifications
- Turn off automatic promotion of notification icons to the taskbar
- Turn off feature advertisement balloon notifications
- Turn off notification area cleanup
- Turn off taskbar thumbnails
- Turn off user tracking
- System
- Ctrl+Alt+Del Options
- Driver Installation
- Folder Redirection
- Group Policy
- Create new Group Policy object links disabled by default
- Default name for new Group Policy objects
- Disallow Interactive Users from generating Resultant Set of Policy data
- Enforce Show Policies Only
- Group Policy domain controller selection
- Group Policy refresh interval for users
- Group Policy slow link detection
- Turn off automatic update of ADM files
- Internet Communication Management
- Internet Communication settings
- Turn off downloading of print drivers over HTTP
- Turn off handwriting personalization data sharing
- Turn off handwriting recognition error reporting
- Turn off Help Experience Improvement Program
- Turn off Help Ratings
- Turn off Internet download for Web publishing and online ordering wizards
- Turn off Internet File Association service
- Turn off printing over HTTP
- Turn off the "Order Prints" picture task
- Turn off the "Publish to Web" task for files and folders
- Turn off the Windows Messenger Customer Experience Improvement Program
- Turn off Windows Online
- Restrict Internet communication
- Internet Communication settings
- Locale Services
- Logon
- Performance Control Panel
- Power Management
- Removable Storage Access
- All Removable Storage classes: Deny all access
- CD and DVD: Deny read access
- CD and DVD: Deny write access
- Custom Classes: Deny read access
- Custom Classes: Deny write access
- Floppy Drives: Deny read access
- Floppy Drives: Deny write access
- Removable Disks: Deny read access
- Removable Disks: Deny write access
- Tape Drives: Deny read access
- Tape Drives: Deny write access
- Time (in seconds) to force reboot
- WPD Devices: Deny read access
- WPD Devices: Deny write access
- Scripts
- User Profiles
- Windows HotStart
- Century interpretation for Year 2000
- Custom User Interface
- Don't display the Getting Started welcome screen at logon
- Don't run specified Windows applications
- Download missing COM components
- Prevent access to registry editing tools
- Prevent access to the command prompt
- Restrict these programs from being launched from Help
- Run only specified Windows applications
- Windows Automatic Updates
- Windows Components
- Add features to Windows 8.1
- Application Compatibility
- Attachment Manager
- Default risk level for file attachments
- Do not preserve zone information in file attachments
- Hide mechanisms to remove zone information
- Inclusion list for high risk file types
- Inclusion list for low file types
- Inclusion list for moderate risk file types
- Notify antivirus programs when opening attachments
- Trust logic for file attachments
- AutoPlay Policies
- Backup
- Client
- Prevent backing up to local disks
- Prevent backing up to network location
- Prevent backing up to optical media (CD/DVD)
- Prevent the user from running the Backup Status and Configuration program
- Turn off restore functionality
- Turn off the ability to back up data files
- Turn off the ability to create a system image
- Client
- Desktop Gadgets
- Desktop Window Manager
- Digital Locker
- Instant Search
- Internet Explorer
- Accelerators
- Administrator Approved Controls
- Application Compatibility
- Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt
- Browser menus
- Disable Context menu
- Disable Open in New Window menu option
- Disable Save this program to disk option
- File menu: Disable closing the browser and Explorer windows
- File menu: Disable New menu option
- File menu: Disable Open menu option
- File menu: Disable Save As... menu option
- File menu: Disable Save As Web Page Complete
- Help menu: Remove 'For Netscape Users' menu option
- Help menu: Remove 'Send Feedback' menu option
- Help menu: Remove 'Tip of the Day' menu option
- Help menu: Remove 'Tour' menu option
- Hide Favorites menu
- Tools menu: Disable Internet Options... menu option
- Turn off Print Menu
- View menu: Disable Full Screen menu option
- View menu: Disable Source menu option
- Compatibility View
- Delete Browsing History
- Configure Delete Browsing History on exit
- Disable "Configuring History"
- Prevent Deleting Cookies
- Prevent Deleting Favorites Site Data
- Prevent Deleting Form Data
- Prevent Deleting InPrivate Filtering data
- Prevent Deleting Passwords
- Prevent Deleting Temporary Internet Files
- Prevent Deleting Web sites that the User has Visited
- Prevent the deletion of temporary Internet files and cookies
- Turn off "Delete Browsing History" functionality
- InPrivate
- Internet Control Panel
- Advanced Page
- Allow active content from CDs to run on user machines
- Allow Install On Demand (except Internet Explorer)
- Allow Install On Demand (Internet Explorer)
- Allow software to run or install even if the signature is invalid
- Allow third-party browser extensions
- Automatically check for Internet Explorer updates
- Check for server certificate revocation
- Check for signatures on downloaded programs
- Do not allow resetting Internet Explorer settings
- Do not save encrypted pages to disk
- Empty Temporary Internet Files folder when browser is closed
- Play animations in web pages
- Play sounds in web pages
- Play videos in web pages
- Turn off ClearType
- Turn off Encryption Support
- Turn off Profile Assistant
- Turn on Caret Browsing support
- Use HTTP 1.1 through proxy connections
- Use HTTP 1.1
- Security Page
- Internet Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Intranet Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Local Machine Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Internet Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Intranet Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Local Machine Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Restricted Sites Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Trusted Sites Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Restricted Sites Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Trusted Sites Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Internet Zone Template
- Intranet Sites: Include all local (intranet) sites not listed in other zones
- Intranet Sites: Include all network paths (UNCs)
- Intranet Sites: Include all sites that bypass the proxy server
- Intranet Zone Template
- Local Machine Zone Template
- Locked-Down Internet Zone Template
- Locked-Down Intranet Zone Template
- Locked-Down Local Machine Zone Template
- Locked-Down Restricted Sites Zone Template
- Locked-Down Trusted Sites Zone Template
- Restricted Sites Zone Template
- Site to Zone Assignment List
- Trusted Sites Zone Template
- Turn on automatic detection of the intranet
- Turn on Information bar notification for intranet content
- Turn on Warn about Certificate Address Mismatch
- Internet Zone
- Disable the Advanced page
- Disable the Connections page
- Disable the Content page
- Disable the General page
- Disable the Privacy page
- Disable the Programs page
- Disable the Security page
- Prevent ignoring certificate errors
- Send internationalized domain names
- Use UTF-8 for mailto links
- Advanced Page
- Internet Settings
- Advanced settings
- Browsing
- Internet Connection Wizard Settings
- Multimedia
- Printing
- Searching
- Signup Settings
- AutoComplete
- Display settings
- General Colors
- Link Colors
- Prevent users from choosing default text size
- URL Encoding
- Advanced settings
- Offline Pages
- Disable adding channels
- Disable adding schedules for offline pages
- Disable all scheduled offline pages
- Disable channel user interface completely
- Disable downloading of site subscription content
- Disable editing and creating of schedule groups
- Disable editing schedules for offline pages
- Disable offline page hit logging
- Disable removing channels
- Disable removing schedules for offline pages
- Subscription Limits
- Persistence Behavior
- Security Features
- Add-on Management
- AJAX
- Binary Behavior Security Restriction
- Consistent Mime Handling
- Information Bar
- Local Machine Zone Lockdown Security
- Mime Sniffing Safety Feature
- MK Protocol Security Restriction
- Network Protocol Lockdown
- Object Caching Protection
- Protection From Zone Elevation
- Restrict ActiveX Install
- Restrict File Download
- Scripted Window Security Restrictions
- Turn off Data URI Support
- Toolbars
- Auto-hide the Toolbars
- Configure Toolbar Buttons
- Customize Command Labels
- Disable customizing browser toolbar buttons
- Disable customizing browser toolbars
- Hide the Command Bar
- Hide the Status Bar
- Lock all Toolbars
- Set location of Stop and Refresh buttons
- Turn off Developer Tools
- Turn off toolbar upgrade tool
- Use large Icons for Command Buttons
- Add a specific list of search providers to the user's search provider list
- Configure Media Explorer Bar
- Configure new tab page default behavior
- Configure Outlook Express
- Customize User Agent String
- Disable AutoComplete for forms
- Disable caching of Auto-Proxy scripts
- Disable changing accessibility settings
- Disable changing Advanced page settings
- Disable changing Automatic Configuration settings
- Disable changing Calendar and Contact settings
- Disable changing certificate settings
- Disable changing color settings
- Disable changing connection settings
- Disable changing default browser check
- Disable changing font settings
- Disable changing home page settings
- Disable changing language settings
- Disable changing link color settings
- Disable changing Messaging settings
- Disable changing Profile Assistant settings
- Disable changing proxy settings
- Disable changing ratings settings
- Disable changing secondary home page settings
- Disable changing Temporary Internet files settings
- Disable external branding of Internet Explorer
- Disable Import/Export Settings wizard
- Disable Internet Connection wizard
- Disable Per-User Installation of ActiveX Controls
- Disable the Reset Web Settings feature
- Display error message on proxy script download failure
- Do not allow users to enable or disable add-ons
- Enforce Full Screen Mode
- Identity Manager: Prevent users from using Identities
- Only use the ActiveX Installer Service for installation of ActiveX Controls
- Pop-up allow list
- Prevent "Fix settings" functionality
- Prevent Bypassing SmartScreen Filter Warnings
- Prevent Internet Explorer Search box from displaying
- Prevent participation in the Customer Experience Improvement Program
- Prevent performance of First Run Customize settings
- Restrict changing the default search provider
- Restrict search providers to a specific list of providers
- Search: Disable Find Files via F3 within the browser
- Search: Disable Search Customization
- Set tab process growth
- Turn off ActiveX opt-in prompt
- Turn off Automatic Crash Recovery Prompt
- Turn off configuration of default behavior of new tab creation
- Turn off configuration of tabbed browsing pop-up behavior
- Turn off configuration of window reuse
- Turn off Crash Detection
- Turn off displaying the Internet Explorer Help Menu
- Turn off Favorites bar
- Turn off Managing Phishing filter
- Turn off Managing Pop-up Allow list
- Turn off managing Pop-up filter level
- Turn off Managing SmartScreen Filter
- Turn off page zooming functionality
- Turn off pop-up management
- Turn off Quick Tabs functionality
- Turn off Reopen Last Browsing Session
- Turn off suggestions for all user-installed providers
- Turn off tabbed browsing
- Turn off Tab Grouping
- Turn off the activation of the quick pick menu
- Turn off the auto-complete feature for web addresses
- Turn off the Security Settings Check feature
- Turn on Compatibility Logging
- Turn on menu bar by default
- Turn on Suggested Sites
- Turn on the auto-complete feature for user names and passwords on forms
- Use Automatic Detection for dial-up connections
- Location and Sensors
- Microsoft Management Console
- Restricted/Permitted snap-ins
- Extension snap-ins
- AppleTalk Routing
- Authorization Manager
- Certification Authority Policy Settings
- Connection Sharing (NAT)
- DCOM Configuration Extension
- Device Manager
- DFS Management Extension
- DHCP Relay Management
- Disk Management Extension
- Event Viewer (Windows Vista)
- Event Viewer
- Extended View (Web View)
- File Server Resource Manager Extension
- IAS Logging
- IGMP Routing
- IP Routing
- IPX RIP Routing
- IPX Routing
- IPX SAP Routing
- Logical and Mapped Drives
- OSPF Routing
- Public Key Policies
- RAS Dialin - User Node
- Remote Access
- Removable Storage
- RIP Routing
- Routing
- Send Console Message
- Service Dependencies
- SMTP Protocol
- SNMP
- Storage Manager for SANS Extension
- System Properties
- Group Policy
- Group Policy snap-in extensions
- Administrative Templates (Computers)
- Administrative Templates (Users)
- Folder Redirection
- Internet Explorer Maintenance
- IP Security Policy Management
- NAP Client Configuration
- Remote Installation Services
- Scripts (Logon/Logoff)
- Scripts (Startup/Shutdown)
- Security Settings
- Software Installation (Computers)
- Software Installation (Users)
- Windows Firewall with Advanced Security
- Wired Network (IEEE 802.3) Policies
- Wireless Network (IEEE 802.11) Policies
- Preference snap-in extensions
- Permit use of Application snap-ins
- Permit use of Applications preference extension
- Permit use of Control Panel Settings (Computers)
- Permit use of Control Panel Settings (Users)
- Permit use of Data Sources preference extension
- Permit use of Devices preference extension
- Permit use of Drive Maps preference extension
- Permit use of Environment preference extension
- Permit use of Files preference extension
- Permit use of Folder Options preference extension
- Permit use of Folders preference extension
- Permit use of Ini Files preference extension
- Permit use of Internet Settings preference extension
- Permit use of Local Users and Groups preference extension
- Permit use of Network Options preference extension
- Permit use of Power Options preference extension
- Permit use of Preferences tab
- Permit use of Printers preference extension
- Permit use of Regional Options preference extension
- Permit use of Registry preference extension
- Permit use of Scheduled Tasks preference extension
- Permit use of Services preference extension
- Permit use of Shortcuts preference extension
- Permit use of Start Menu preference extension
- Resultant Set of Policy snap-in extensions
- Group Policy Management Editor
- Group Policy Management
- Group Policy Object Editor
- Group Policy Starter GPO Editor
- Group Policy tab for Active Directory Tools
- Resultant Set of Policy snap-in
- Group Policy snap-in extensions
- .Net Framework Configuration
- Active Directory Domains and Trusts
- Active Directory Sites and Services
- Active Directory Users and Computers
- ActiveX Control
- ADSI Edit
- Certificates
- Certificate Templates
- Certification Authority
- Component Services
- Computer Management
- Device Manager
- DFS Management
- Disk Defragmenter
- Disk Management
- Distributed File System
- Enterprise PKI
- Event Viewer (Windows Vista)
- Event Viewer
- Failover Clusters Manager
- FAX Service
- File Server Resource Manager
- FrontPage Server Extensions
- Health Registration Authority (HRA)
- Indexing Service
- Internet Authentication Service (IAS)
- Internet Information Services
- IP Security Monitor
- IP Security Policy Management
- Link to Web Address
- Local Users and Groups
- NAP Client Configuration
- Network Policy Server (NPS)
- Online Responder
- Performance Logs and Alerts
- QoS Admission Control
- Remote Desktop Services Configuration
- Remote Desktops
- Removable Storage Management
- Routing and Remote Access
- Security Configuration and Analysis
- Security Templates
- Server Manager
- Services
- Storage Manager for SANs
- System Information
- Telephony
- TPM Management
- Windows Firewall with Advanced Security
- Wireless Monitor
- WMI Control
- Extension snap-ins
- Restrict the user from entering author mode
- Restrict users to the explicitly permitted list of snap-ins
- Restricted/Permitted snap-ins
- NetMeeting
- Application Sharing
- Audio & Video
- Options Page
- Allow persisting automatic acceptance of Calls
- Disable Chat
- Disable Directory services
- Disable NetMeeting 2.x Whiteboard
- Disable Whiteboard
- Enable Automatic Configuration
- Limit the size of sent files
- Prevent adding Directory servers
- Prevent automatic acceptance of Calls
- Prevent changing Call placement method
- Prevent receiving files
- Prevent sending files
- Prevent viewing Web directory
- Set Call Security options
- Set the intranet support Web page
- Network Projector
- Network Sharing
- Pošta Windows
- Presentation Settings
- Remote Desktop Services
- RD Gateway
- Remote Desktop Connection Client
- Remote Desktop Session Host
- Connections
- Device and Resource Redirection
- Printer Redirection
- Remote Session Environment
- Session Time Limits
- RSS Feeds
- Search
- Sound Recorder
- Tablet PC
- Accessories
- Cursors
- Handwriting personalization
- Hardware Buttons
- Input Panel
- Disable text prediction
- For tablet pen input, don't show the Input Panel icon
- For touch input, don't show the Input Panel icon
- Include rarely used Chinese, Kanji, or Hanja characters
- Prevent Input Panel tab from appearing
- Switch to the Simplified Chinese (PRC) gestures
- Turn off AutoComplete integration with Input Panel
- Turn off password security in Input Panel
- Turn off tolerant and Z-shaped scratch-out gestures
- Pen Flicks Learning
- Pen UX Behaviors
- Tablet PC Pen Training
- Touch Input
- Task Scheduler
- Windows Calendar
- Windows Color System
- Windows Error Reporting
- Windows Explorer
- Common Open File Dialog
- Explorer Frame Pane
- Previous Versions
- Allow only per user or approved shell extensions
- Disable binding directly to IPropertySetStorage without intermediate layers.
- Disable Known Folders
- Display confirmation dialog when deleting files
- Display the menu bar in File Explorer
- Do not display the Welcome Center at user logon
- Do not move deleted files to the Recycle Bin
- Do not request alternate credentials
- Do not track Shell shortcuts during roaming
- Hides the Manage item on the Windows Explorer context menu
- Hide these specified drives in My Computer
- Maximum allowed Recycle Bin size
- Maximum number of recent documents
- No Computers Near Me in Network Locations
- No Entire Network in Network Locations
- Pin Internet search sites to the "Search again" links and the Start menu
- Pin Libraries or Search Connectors to the "Search again" links and the Start menu
- Prevent access to drives from My Computer
- Prevent users from adding files to the root of their Users Files folder.
- Remove "Map Network Drive" and "Disconnect Network Drive"
- Remove CD Burning features
- Remove DFS tab
- Remove File menu from Windows Explorer
- Remove Hardware tab
- Remove Search button from Windows Explorer
- Remove Security tab
- Removes the Folder Options menu item from the Tools menu
- Remove the Search the Internet "Search again" link
- Remove UI to change menu animation setting
- Remove Windows Explorer's default context menu
- Request credentials for network installations
- Turn off caching of thumbnail pictures
- Turn off common control and window animations
- Turn off display of recent search entries in the Windows Explorer search box
- Turn off numerical sorting in Windows Explorer
- Turn off shell protocol protected mode
- Turn off the caching of thumbnails in hidden thumbs.db files
- Turn off the display of snippets in Content view mode
- Turn off the display of thumbnails and only display icons.
- Turn off the display of thumbnails and only display icons on network folders
- Turn off Windows+X hotkeys
- Turn off Windows Libraries features that rely on indexed file data
- Turn on Classic Shell
- Windows Installer
- Windows Logon Options
- Windows Media Center
- Windows Media Player
- Networking
- Playback
- User Interface
- Prevent CD and DVD Media Information Retrieval
- Prevent Music File Media Information Retrieval
- Prevent Radio Station Preset Retrieval
- Windows Messenger
- Windows Mobility Center
- Windows SideShow
- Windows Update