Prevent the configuration of cipher strength update information URLs
This policy setting prevents the configuration of cipher strength update information URLs. When you log on to secure pages, access cannot be granted unless your Internet browser connects with a prespecified encryption. To ensure that your browser meets this requirement, this policy setting allows you to specify the URL to update your browser security setting.
If you enable this policy setting, the user will not be able to configure the cipher strength update information URL. You must specify the cipher strength update information URL.
If you disable or do not configure this policy setting, the user can configure the cipher strength update information URL.
Supported on: At least Internet Explorer 7.0
Cipher Strength Update Information URL:
| Registry Hive | HKEY_LOCAL_MACHINE |
| Registry Path | Software\Policies\Microsoft\Windows\CurrentVersion |
| Value Name | IEAKUpdateUrl |
| Value Type | REG_SZ |
| Default Value | http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=128bit |
inetres.admx
- Control Panel
- Regional and Language Options
- User Accounts
- Network
- Background Intelligent Transfer Service (BITS)
- Allow BITS Peercaching
- Do not allow the BITS client to use Windows Branch Cache
- Do not allow the computer to act as a BITS Peercaching client
- Do not allow the computer to act as a BITS Peercaching server
- Limit the age of files in the BITS Peercache
- Limit the BITS Peercache size
- Limit the maximum BITS job download time
- Limit the maximum network bandwidth for BITS background transfers
- Limit the maximum network bandwidth used for Peercaching
- Limit the maximum number of BITS jobs for each user
- Limit the maximum number of BITS jobs for this computer
- Limit the maximum number of files allowed in a BITS job
- Limit the maximum number of ranges that can be added to the file in a BITS job
- Set up a maintenance schedule to limit the maximum network bandwidth used for BITS background transfers
- Set up a work schedule to limit the maximum network bandwidth used for BITS background transfers
- Timeout for inactive BITS jobs
- BranchCache
- DNS Client
- Allow DNS Suffix Appending to Unqualified Multi-Label Name Queries
- Connection-Specific DNS Suffix
- DNS Servers
- DNS Suffix Search List
- Dynamic Update
- Primary DNS Suffix Devolution Level
- Primary DNS Suffix Devolution
- Primary DNS Suffix
- Register DNS records with connection-specific DNS suffix
- Register PTR Records
- Registration Refresh Interval
- Replace Addresses In Conflicts
- TTL Set in the A and PTR records
- Turn off Multicast Name Resolution
- Update Security Level
- Update Top Level Domain Zones
- Lanman Server
- Link-Layer Topology Discovery
- Microsoft Peer-to-Peer Networking Services
- Peer Name Resolution Protocol
- Global Clouds
- Link-Local Clouds
- Site-Local Clouds
- Disable password strength validation for Peer Grouping
- Turn off Microsoft Peer-to-Peer Networking Services
- Peer Name Resolution Protocol
- Network Connections
- Windows Defender Firewall
- Domain Profile
- Windows Defender Firewall: Allow ICMP exceptions
- Windows Defender Firewall: Allow inbound file and printer sharing exception
- Windows Defender Firewall: Allow inbound remote administration exception
- Windows Defender Firewall: Allow inbound Remote Desktop exceptions
- Windows Defender Firewall: Allow inbound UPnP framework exceptions
- Windows Defender Firewall: Allow local port exceptions
- Windows Defender Firewall: Allow local program exceptions
- Windows Defender Firewall: Allow logging
- Windows Defender Firewall: Define inbound port exceptions
- Windows Defender Firewall: Define inbound program exceptions
- Windows Defender Firewall: Do not allow exceptions
- Windows Defender Firewall: Prohibit notifications
- Windows Defender Firewall: Prohibit unicast response to multicast or broadcast requests
- Windows Defender Firewall: Protect all network connections
- Standard Profile
- Windows Defender Firewall: Allow ICMP exceptions
- Windows Defender Firewall: Allow inbound file and printer sharing exception
- Windows Defender Firewall: Allow inbound remote administration exception
- Windows Defender Firewall: Allow inbound Remote Desktop exceptions
- Windows Defender Firewall: Allow inbound UPnP framework exceptions
- Windows Defender Firewall: Allow local port exceptions
- Windows Defender Firewall: Allow local program exceptions
- Windows Defender Firewall: Allow logging
- Windows Defender Firewall: Define inbound port exceptions
- Windows Defender Firewall: Define inbound program exceptions
- Windows Defender Firewall: Do not allow exceptions
- Windows Defender Firewall: Prohibit notifications
- Windows Defender Firewall: Prohibit unicast response to multicast or broadcast requests
- Windows Defender Firewall: Protect all network connections
- Windows Defender Firewall: Allow authenticated IPsec bypass
- Domain Profile
- Do not show the "local access only" network icon
- Prohibit installation and configuration of Network Bridge on your DNS domain network
- Prohibit use of Internet Connection Firewall on your DNS domain network
- Require domain users to elevate when setting a network's location
- Route all traffic through the internal network
- Windows Defender Firewall
- Network Connectivity Status Indicator
- Offline Files
- Action on server disconnect
- Administratively assigned offline files
- Allow or Disallow use of the Offline Files feature
- At logoff, delete local copy of user's offline files
- Configure Background Sync
- Configure slow-link mode
- Configure Slow link speed
- Default cache size
- Enable Transparent Caching
- Encrypt the Offline Files cache
- Event logging level
- Exclude files from being cached
- Files not cached
- Initial reminder balloon lifetime
- Limit disk space used by offline files
- Non-default server disconnect actions
- Prevent use of Offline Files folder
- Prohibit 'Make Available Offline' for these file and folders
- Prohibit user configuration of Offline Files
- Reminder balloon frequency
- Reminder balloon lifetime
- Remove 'Make Available Offline'
- Subfolders always available offline
- Synchronize all offline files before logging off
- Synchronize all offline files when logging on
- Synchronize offline files before suspend
- Turn off reminder balloons
- Turn on economical application of administratively assigned Offline Files
- QoS Packet Scheduler
- DSCP value of conforming packets
- DSCP value of non-conforming packets
- Layer-2 priority value
- Limit outstanding packets
- Limit reservable bandwidth
- Set timer resolution
- SNMP
- SSL Configuration Settings
- TCPIP Settings
- Windows Connect Now
- Sets how often a DFS Client discovers DC's
- Background Intelligent Transfer Service (BITS)
- Printers
- Add Printer wizard - Network scan page (Managed network)
- Add Printer wizard - Network scan page (Unmanaged network)
- Allow printers to be published
- Allow Print Spooler to accept client connections
- Allow pruning of published printers
- Always render print jobs on the server
- Automatically publish new printers in Active Directory
- Check published state
- Computer location
- Custom support URL in the Printers folder's left pane
- Directory pruning interval
- Directory pruning priority
- Directory pruning retry
- Disallow installation of printers using kernel-mode drivers
- Execute print drivers in isolated processes
- Extend Point and Print connection to search Windows Update
- Log directory pruning retry events
- Only use Package Point and print
- Override print driver execution compatibility setting reported by print driver
- Package Point and print - Approved servers
- Point and Print Restrictions
- Pre-populate printer search location text
- Printer browsing
- Prune printers that are not automatically republished
- Web-based printing
- System
- Credentials Delegation
- Allow Delegating Default Credentials
- Allow Delegating Default Credentials with NTLM-only Server Authentication
- Allow Delegating Fresh Credentials
- Allow Delegating Fresh Credentials with NTLM-only Server Authentication
- Allow Delegating Saved Credentials
- Allow Delegating Saved Credentials with NTLM-only Server Authentication
- Deny Delegating Default Credentials
- Deny Delegating Fresh Credentials
- Deny Delegating Saved Credentials
- Device Installation
- Device Installation Restrictions
- Allow administrators to override Device Installation Restriction policies
- Allow installation of devices that match any of these device IDs
- Allow installation of devices using drivers that match these device setup classes
- Display a custom message title when device installation is prevented by a policy setting
- Display a custom message when installation is prevented by a policy setting
- Prevent installation of devices not described by other policy settings
- Prevent installation of devices that match any of these device IDs
- Prevent installation of devices using drivers that match these device setup classes
- Prevent installation of removable devices
- Time (in seconds) to force reboot when required for policy changes to take effect
- Allow remote access to the Plug and Play interface
- Configure device installation time-out
- Do not send a Windows error report when a generic driver is installed on a device
- Prevent creation of a system restore point during device activity that would normally prompt creation of a restore point
- Prevent device metadata retrieval from the Internet
- Prevent Windows from sending an error report when a device driver requests additional software during installation
- Prioritize all digitally signed drivers equally during the driver ranking and selection process
- Specify search order for device driver source locations
- Turn off "Found New Hardware" balloons during device installation
- Device Installation Restrictions
- Device Redirection
- Device Redirection Restrictions
- Disk NV Cache
- Disk Quotas
- Distributed COM
- Application Compatibility Settings
- Driver Installation
- Enhanced Storage Access
- Allow Enhanced Storage certificate provisioning
- Allow only USB root hub connected Enhanced Storage devices
- Configure list of Enhanced Storage devices usable on your computer
- Configure list of IEEE 1667 silos usable on your computer
- Do not allow non-Enhanced Storage removable devices
- Do not allow password authentication of Enhanced Storage devices
- Lock Enhanced Storage when the computer is locked
- Filesystem
- Folder Redirection
- Group Policy
- Logging and tracing
- Configure Applications preference logging and tracing
- Configure Data Sources preference logging and tracing
- Configure Devices preference logging and tracing
- Configure Drive Maps preference logging and tracing
- Configure Environment preference logging and tracing
- Configure Files preference logging and tracing
- Configure Folder Options preference logging and tracing
- Configure Folders preference logging and tracing
- Configure Ini Files preference logging and tracing
- Configure Internet Settings preference logging and tracing
- Configure Local Users and Groups preference logging and tracing
- Configure Network Options preference logging and tracing
- Configure Power Options preference logging and tracing
- Configure Printers preference logging and tracing
- Configure Regional Options preference logging and tracing
- Configure Registry preference logging and tracing
- Configure Scheduled Tasks preference logging and tracing
- Configure Services preference logging and tracing
- Configure Shortcuts preference logging and tracing
- Configure Start Menu preference logging and tracing
- Allow asynchronous user Group Policy processing when logging on through Remote Desktop Services
- Allow Cross-Forest User Policy and Roaming User Profiles
- Always use local ADM files for Group Policy Object Editor
- Configure Applications preference extension policy processing
- Configure Data Sources preference extension policy processing
- Configure Devices preference extension policy processing
- Configure Drive Maps preference extension policy processing
- Configure Environment preference extension policy processing
- Configure Files preference extension policy processing
- Configure Folder Options preference extension policy processing
- Configure Folders preference extension policy processing
- Configure Ini Files preference extension policy processing
- Configure Internet Settings preference extension policy processing
- Configure Local Users and Groups preference extension policy processing
- Configure Network Options preference extension policy processing
- Configure Power Options preference extension policy processing
- Configure Printers preference extension policy processing
- Configure Regional Options preference extension policy processing
- Configure Registry preference extension policy processing
- Configure Scheduled Tasks preference extension policy processing
- Configure Services preference extension policy processing
- Configure Shortcuts preference extension policy processing
- Configure Start Menu preference extension policy processing
- Disallow Interactive Users from generating Resultant Set of Policy data
- Disk Quota policy processing
- EFS recovery policy processing
- Folder Redirection policy processing
- Group Policy refresh interval for computers
- Group Policy refresh interval for domain controllers
- Group Policy slow link detection
- Internet Explorer Maintenance policy processing
- IP Security policy processing
- Registry policy processing
- Remove users ability to invoke machine policy refresh
- Scripts policy processing
- Security policy processing
- Software Installation policy processing
- Startup policy processing wait time
- Turn off background refresh of Group Policy
- Turn off Local Group Policy objects processing
- Turn off Resultant Set of Policy logging
- User Group Policy loopback processing mode
- Wired policy processing
- Wireless policy processing
- Logging and tracing
- Internet Communication Management
- Internet Communication settings
- Turn off access to all Windows Update features
- Turn off Automatic Root Certificates Update
- Turn off downloading of print drivers over HTTP
- Turn off Event Viewer "Events.asp" links
- Turn off handwriting personalization data sharing
- Turn off handwriting recognition error reporting
- Turn off Help and Support Center "Did you know?" content
- Turn off Help and Support Center Microsoft Knowledge Base search
- Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com
- Turn off Internet download for Web publishing and online ordering wizards
- Turn off Internet File Association service
- Turn off printing over HTTP
- Turn off Registration if URL connection is referring to Microsoft.com
- Turn off Search Companion content file updates
- Turn off the "Order Prints" picture task
- Turn off the "Publish to Web" task for files and folders
- Turn off the Windows Messenger Customer Experience Improvement Program
- Turn off Windows Customer Experience Improvement Program
- Turn off Windows Error Reporting
- Turn off Windows Network Connectivity Status Indicator active tests
- Turn off Windows Update device driver searching
- Restrict Internet communication
- Internet Communication settings
- iSCSI
- General iSCSI
- iSCSI Security
- iSCSI Target Discovery
- KDC
- Kerberos
- Locale Services
- Logon
- Always use classic logon
- Always use custom logon background
- Always wait for the network at computer startup and logon
- Assign a default domain for logon
- Don't display the Getting Started welcome screen at logon
- Do not process the legacy run list
- Do not process the run once list
- Exclude credential providers
- Hide entry points for Fast User Switching
- Run these programs at user logon
- Turn off Windows Startup Sound
- Net Logon
- DC Locator DNS Records
- Automated Site Coverage by the DC Locator DNS SRV Records
- DC Locator DNS records not registered by the DCs
- Domain Controller Address Type Returned
- Do not process incoming mailslot messages used for domain controller location based on NetBIOS domain names
- Dynamic Registration of the DC Locator DNS Records
- Force Rediscovery Interval
- Location of the DCs hosting a domain with single label DNS name
- Priority Set in the DC Locator DNS SRV Records
- Refresh Interval of the DC Locator DNS Records
- Sites Covered by the Application Directory Partition Locator DNS SRV Records
- Sites Covered by the DC Locator DNS SRV Records
- Sites Covered by the GC Locator DNS SRV Records
- Try Next Closest Site
- TTL Set in the DC Locator DNS Records
- Weight Set in the DC Locator DNS SRV Records
- Allow cryptography algorithms compatible with Windows NT 4.0
- Contact PDC on logon failure
- Expected dial-up delay on logon
- Final DC Discovery Retry Setting for Background Callers
- Initial DC Discovery Retry Setting for Background Callers
- Log File Debug Output Level
- Maximum DC Discovery Retry Interval Setting for Background Callers
- Maximum Log File Size
- Negative DC Discovery Cache Setting
- Positive Periodic DC Cache Refresh for Background Callers
- Positive Periodic DC Cache Refresh for Non-Background Callers
- Scavenge Interval
- Site Name
- DC Locator DNS Records
- Performance Control Panel
- Power Management
- Button Settings
- Select the lid switch action (on battery)
- Select the lid switch action (plugged in)
- Select the Power button action (on battery)
- Select the Power button action (plugged in)
- Select the Sleep button action (on battery)
- Select the Sleep button action (plugged in)
- Select the Start menu Power button action (on battery)
- Select the Start menu Power button action (plugged in)
- Hard Disk Settings
- Notification Settings
- Sleep Settings
- Allow applications to prevent automatic sleep (on battery)
- Allow applications to prevent automatic sleep (plugged in)
- Allow automatic sleep with Open Network Files (on battery)
- Allow automatic sleep with Open Network Files (plugged in)
- Allow standby states (S1-S3) when sleeping (on battery)
- Allow standby states (S1-S3) when sleeping (plugged in)
- Require a password when a computer wakes (on battery)
- Require a password when a computer wakes (plugged in)
- Specify the system hibernate timeout (on battery)
- Specify the system hibernate timeout (plugged in)
- Specify the system sleep timeout (on battery)
- Specify the system sleep timeout (plugged in)
- Specify the unattended sleep timeout (on battery)
- Specify the unattended sleep timeout (plugged in)
- Turn off hybrid sleep (on battery)
- Turn off hybrid sleep (plugged in)
- Turn on the ability for applications to prevent sleep transitions (on battery)
- Turn on the ability for applications to prevent sleep transitions (plugged in)
- Video and Display Settings
- Reduce display brightness (on battery)
- Reduce display brightness (plugged in)
- Specify the display dim brightness (on battery)
- Specify the display dim brightness (plugged in)
- Turn off adaptive display timeout (on battery)
- Turn off adaptive display timeout (plugged in)
- Turn off the display (on battery)
- Turn off the display (plugged in)
- Turn on desktop background slideshow (on battery)
- Turn on desktop background slideshow (plugged in)
- Select an active power plan
- Specify a custom active power plan
- Button Settings
- Recovery
- Remote Assistance
- Remote Procedure Call
- Removable Storage Access
- All Removable Storage: Allow direct access in remote sessions
- All Removable Storage classes: Deny all access
- CD and DVD: Deny execute access
- CD and DVD: Deny read access
- CD and DVD: Deny write access
- Custom Classes: Deny read access
- Custom Classes: Deny write access
- Floppy Drives: Deny execute access
- Floppy Drives: Deny read access
- Floppy Drives: Deny write access
- Removable Disks: Deny execute access
- Removable Disks: Deny read access
- Removable Disks: Deny write access
- Tape Drives: Deny execute access
- Tape Drives: Deny read access
- Tape Drives: Deny write access
- Time (in seconds) to force reboot
- WPD Devices: Deny read access
- WPD Devices: Deny write access
- Scripts
- Allow logon scripts when NetBIOS or WINS is disabled
- Maximum wait time for Group Policy scripts
- Run logon scripts synchronously
- Run shutdown scripts visible
- Run startup scripts asynchronously
- Run startup scripts visible
- Run Windows PowerShell scripts first at computer startup, shutdown
- Run Windows PowerShell scripts first at user logon, logoff
- Server Manager
- Shutdown Options
- System Restore
- Troubleshooting and Diagnostics
- Application Compatibility Diagnostics
- Detect application failures caused by deprecated COM objects
- Detect application failures caused by deprecated Windows DLLs
- Detect application installers that need to be run as administrator
- Detect application install failures
- Detect applications unable to launch installers under UAC
- Notify blocked drivers
- Corrupted File Recovery
- Disk Diagnostic
- Fault Tolerant Heap
- Microsoft Support Diagnostic Tool
- MSI Corrupted File Recovery
- Scheduled Maintenance
- Scripted Diagnostics
- Configure Security Policy for Scripted Diagnostics
- Troubleshooting: Allow users to access and run Troubleshooting Wizards
- Troubleshooting: Allow users to access online troubleshooting content on Microsoft servers from the Troubleshooting Control Panel (via the Windows Online Troubleshooting Service - WOTS)
- Windows Boot Performance Diagnostics
- Windows Memory Leak Diagnosis
- Windows Performance PerfTrack
- Windows Resource Exhaustion Detection and Resolution
- Windows Shutdown Performance Diagnostics
- Windows Standby/Resume Performance Diagnostics
- Windows System Responsiveness Performance Diagnostics
- Diagnostics: Configure scenario execution level
- Diagnostics: Configure scenario retention
- Application Compatibility Diagnostics
- Trusted Platform Module Services
- User Profiles
- Add the Administrators security group to roaming user profiles
- Background upload of a roaming user profile's registry file while user is logged on
- Delete cached copies of roaming profiles
- Delete user profiles older than a specified number of days on system restart
- Do not check for user ownership of Roaming Profile Folders
- Do not detect slow network connections
- Do not forcefully unload the users registry at user logoff
- Do not log users on with temporary profiles
- Leave Windows Installer and Group Policy Software Installation Data
- Maximum retries to unload and update user profile
- Only allow local user profiles
- Prevent Roaming Profile changes from propagating to the server
- Prompt user when a slow network connection is detected
- Set maximum wait time for the network if a user has a roaming user profile or remote home directory
- Set roaming profile path for all users logging onto this computer
- Slow network connection timeout for user profiles
- Timeout for dialog boxes
- Wait for remote user profile
- Windows File Protection
- Windows HotStart
- Windows Time Service
- Activate Shutdown Event Tracker System State Data feature
- Allow Distributed Link Tracking clients to use domain resources
- Display Shutdown Event Tracker
- Do not automatically encrypt files moved to encrypted folders
- Do not display Manage Your Server page at logon
- Do not turn off system power after a Windows system shutdown has occurred.
- Download missing COM components
- Enable Persistent Time Stamp
- Remove Boot / Shutdown / Logon / Logoff status messages
- Restrict potentially unsafe HTML Help functions to specified folders
- Restrict these programs from being launched from Help
- Specify Windows installation file location
- Specify Windows Service Pack installation file location
- Turn off Data Execution Prevention for HTML Help Executible
- Verbose vs normal status messages
- Credentials Delegation
- Windows Components
- Active Directory Federation Services
- ActiveX Installer Service
- Add features to Windows 8.1
- Application Compatibility
- AutoPlay Policies
- Backup
- Client
- Prevent backing up to local disks
- Prevent backing up to network location
- Prevent backing up to optical media (CD/DVD)
- Prevent the user from running the Backup Status and Configuration program
- Turn off restore functionality
- Turn off the ability to back up data files
- Turn off the ability to create a system image
- Server
- Client
- Biometrics
- BitLocker Drive Encryption
- Fixed Data Drives
- Allow access to BitLocker-protected fixed data drives from earlier versions of Windows
- Choose how BitLocker-protected fixed drives can be recovered
- Configure use of passwords for fixed data drives
- Configure use of smart cards on fixed data drives
- Deny write access to fixed drives not protected by BitLocker
- Operating System Drives
- Allow enhanced PINs for startup
- Choose how BitLocker-protected operating system drives can be recovered
- Configure minimum PIN length for startup
- Configure TPM platform validation profile
- Require additional authentication at startup (Windows Server 2008 and Windows Vista)
- Require additional authentication at startup
- Removable Data Drives
- Allow access to BitLocker-protected removable data drives from earlier versions of Windows
- Choose how BitLocker-protected removable drives can be recovered
- Configure use of passwords for removable data drives
- Configure use of smart cards on removable data drives
- Control use of BitLocker on removable drives
- Deny write access to removable drives not protected by BitLocker
- Choose default folder for recovery password
- Choose drive encryption method and cipher strength
- Choose how users can recover BitLocker-protected drives (Windows Server 2008 and Windows Vista)
- Prevent memory overwrite on restart
- Provide the unique identifiers for your organization
- Store BitLocker recovery information in Active Directory Domain Services(Windows Server 2008 and Windows Vista)
- Validate smart card certificate usage rule compliance
- Fixed Data Drives
- Credential User Interface
- Desktop Gadgets
- Desktop Window Manager
- Digital Locker
- Event Forwarding
- Event Log Service
- Application
- Security
- Setup
- System
- Event Viewer
- Game Explorer
- HomeGroup
- Internet Explorer
- Accelerators
- Application Compatibility
- Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt
- Compatibility View
- Corporate Settings
- Delete Browsing History
- Configure Delete Browsing History on exit
- Disable "Configuring History"
- Prevent Deleting Cookies
- Prevent Deleting Favorites Site Data
- Prevent Deleting Form Data
- Prevent Deleting InPrivate Filtering data
- Prevent Deleting Passwords
- Prevent Deleting Temporary Internet Files
- Prevent Deleting Web sites that the User has Visited
- Prevent the deletion of temporary Internet files and cookies
- Turn off "Delete Browsing History" functionality
- InPrivate
- Internet Control Panel
- Advanced Page
- Allow active content from CDs to run on user machines
- Allow Install On Demand (except Internet Explorer)
- Allow Install On Demand (Internet Explorer)
- Allow software to run or install even if the signature is invalid
- Allow third-party browser extensions
- Automatically check for Internet Explorer updates
- Check for server certificate revocation
- Check for signatures on downloaded programs
- Do not allow resetting Internet Explorer settings
- Do not save encrypted pages to disk
- Empty Temporary Internet Files folder when browser is closed
- Play animations in web pages
- Play sounds in web pages
- Play videos in web pages
- Turn off ClearType
- Turn off Encryption Support
- Turn off Profile Assistant
- Turn on Caret Browsing support
- Use HTTP 1.1 through proxy connections
- Use HTTP 1.1
- Security Page
- Internet Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Intranet Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Local Machine Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Internet Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Intranet Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Local Machine Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Restricted Sites Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Trusted Sites Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Restricted Sites Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Trusted Sites Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Internet Zone Template
- Intranet Sites: Include all local (intranet) sites not listed in other zones
- Intranet Sites: Include all network paths (UNCs)
- Intranet Sites: Include all sites that bypass the proxy server
- Intranet Zone Template
- Local Machine Zone Template
- Locked-Down Internet Zone Template
- Locked-Down Intranet Zone Template
- Locked-Down Local Machine Zone Template
- Locked-Down Restricted Sites Zone Template
- Locked-Down Trusted Sites Zone Template
- Restricted Sites Zone Template
- Site to Zone Assignment List
- Trusted Sites Zone Template
- Turn on automatic detection of the intranet
- Turn on Information bar notification for intranet content
- Turn on Warn about Certificate Address Mismatch
- Internet Zone
- Disable the Advanced page
- Disable the Connections page
- Disable the Content page
- Disable the General page
- Disable the Privacy page
- Disable the Programs page
- Disable the Security page
- Prevent ignoring certificate errors
- Send internationalized domain names
- Use UTF-8 for mailto links
- Advanced Page
- Internet Settings
- AutoComplete
- Component Updates
- Help Menu > About Internet Explorer
- Periodic check for updates to Internet Explorer and Internet Tools
- Security Features
- Add-on Management
- AJAX
- Binary Behavior Security Restriction
- Consistent Mime Handling
- Information Bar
- Local Machine Zone Lockdown Security
- Mime Sniffing Safety Feature
- MK Protocol Security Restriction
- Network Protocol Lockdown
- Object Caching Protection
- Protection From Zone Elevation
- Restrict ActiveX Install
- Restrict File Download
- Scripted Window Security Restrictions
- Turn off Data Execution Prevention
- Turn off Data URI Support
- Toolbars
- Add a specific list of search providers to the user's search provider list
- Configure new tab page default behavior
- Customize User Agent String
- Disable Automatic Install of Internet Explorer components
- Disable changing Automatic Configuration settings
- Disable changing connection settings
- Disable changing proxy settings
- Disable Per-User Installation of ActiveX Controls
- Disable Periodic Check for Internet Explorer software updates
- Disable showing the splash screen
- Disable software update shell notifications on program launch
- Do not allow users to enable or disable add-ons
- Enforce Full Screen Mode
- Make proxy settings per-machine (rather than per-user)
- Only use the ActiveX Installer Service for installation of ActiveX Controls
- Pop-up allow list
- Prevent "Fix settings" functionality
- Prevent Bypassing SmartScreen Filter Warnings
- Prevent Internet Explorer Search box from displaying
- Prevent participation in the Customer Experience Improvement Program
- Prevent performance of First Run Customize settings
- Restrict changing the default search provider
- Restrict search providers to a specific list of providers
- Security Zones: Do not allow users to add/delete sites
- Security Zones: Do not allow users to change policies
- Security Zones: Use only machine settings
- Set tab process growth
- Turn off ActiveX opt-in prompt
- Turn off Automatic Crash Recovery Prompt
- Turn off configuration of default behavior of new tab creation
- Turn off configuration of tabbed browsing pop-up behavior
- Turn off configuration of window reuse
- Turn off Crash Detection
- Turn off displaying the Internet Explorer Help Menu
- Turn off Favorites bar
- Turn off Managing Phishing filter
- Turn off Managing Pop-up Allow list
- Turn off managing Pop-up filter level
- Turn off Managing SmartScreen Filter
- Turn off page zooming functionality
- Turn off pop-up management
- Turn off Quick Tabs functionality
- Turn off Reopen Last Browsing Session
- Turn off suggestions for all user-installed providers
- Turn off tabbed browsing
- Turn off the activation of the quick pick menu
- Turn off the auto-complete feature for web addresses
- Turn off the Security Settings Check feature
- Turn on Compatibility Logging
- Turn on menu bar by default
- Internet Information Services
- Location and Sensors
- NetMeeting
- Network Access Protection
- Network Projector
- Online Assistance
- Parental Controls
- Password Synchronization
- Set the interval between synchronization retries for Password Synchronization
- Set the number of synchronization retries for servers running Password Synchronization
- Turn on extensive logging for Password Synchronization
- Turn on the Windows to NIS password synchronization for users that have been migrated to Active Directory
- Presentation Settings
- Remote Desktop Services
- RD Licensing
- Remote Desktop Connection Client
- RemoteFX USB Device Redirection
- Allow .rdp files from unknown publishers
- Allow .rdp files from valid publishers and user's default .rdp settings
- Configure server authentication for client
- Do not allow passwords to be saved
- Prompt for credentials on the client computer
- Specify SHA1 thumbprints of certificates representing trusted .rdp publishers
- Turn Off UDP On Client
- Remote Desktop Session Host
- Application Compatibility
- Connections
- Allow remote start of unlisted programs
- Allow users to connect remotely using Remote Desktop Services
- Automatic reconnection
- Configure keep-alive connection interval
- Deny logoff of an administrator logged in to the console session
- Limit number of connections
- Restrict Remote Desktop Services users to a single Remote Desktop Services session
- Select network detection on the server
- Select RDP transport protocols
- Set rules for remote control of Remote Desktop Services user sessions
- Turn off Fair Share CPU Scheduling
- Device and Resource Redirection
- Allow audio and video playback redirection
- Allow audio recording redirection
- Allow time zone redirection
- Do not allow clipboard redirection
- Do not allow COM port redirection
- Do not allow drive redirection
- Do not allow LPT port redirection
- Do not allow smart card device redirection
- Do not allow supported Plug and Play device redirection
- Limit audio playback quality
- Licensing
- Printer Redirection
- Profiles
- RD Connection Broker
- Remote Session Environment
- Allow desktop composition for remote desktop sessions
- Always show desktop on connection
- Configure image quality for RemoteFX Adaptive Graphics
- Configure RemoteFX Adaptive Graphics
- Configure RemoteFX
- Do not allow font smoothing
- Enable Remote Desktop Protocol 8.0
- Enforce Removal of Remote Desktop Wallpaper
- Limit maximum color depth
- Limit maximum display resolution
- Limit maximum number of monitors
- Optimize visual experience for Remote Desktop Services sessions
- Optimize visual experience when using RemoteFX
- Remove "Disconnect" option from Shut Down dialog
- Remove Windows Security item from Start menu
- Set compression algorithm for RDP data
- Start a program on connection
- Security
- Always prompt for password upon connection
- Do not allow local administrators to customize permissions
- Require secure RPC communication
- Require use of specific security layer for remote (RDP) connections
- Require user authentication for remote connections by using Network Level Authentication
- Server Authentication Certificate Template
- Set client connection encryption level
- Session Time Limits
- Temporary folders
- RSS Feeds
- Search
- OCR
- Add primary intranet search location
- Add secondary intranet search locations
- Allow indexing of encrypted files
- Allow use of diacritics
- Control rich previews for attachments
- Default excluded paths
- Default indexed paths
- Disable indexer backoff
- Do not allow web search
- Enable indexing of online delegate mailboxes
- Enable indexing uncached Exchange folders
- Enable throttling for online mail indexing
- Indexer data location
- Prevent adding UNC locations to index from Control Panel
- Prevent adding user-specified locations to the All Locations menu
- Prevent clients from querying the index remotely
- Prevent customization of indexed locations in Control Panel
- Prevent displaying advanced indexing options in Control Panel
- Prevent indexing certain paths
- Prevent indexing e-mail attachments
- Prevent indexing files in offline files cache
- Prevent indexing Microsoft Office Outlook
- Prevent indexing of certain file types
- Prevent indexing public folders
- Prevent indexing when running on battery power to conserve energy
- Prevent unwanted iFilters and protocol handlers
- Preview pane location
- Set large or small icon view in desktop search results
- Stop indexing in the event of limited hard drive space
- Security Center
- Server for NIS
- Shutdown Options
- Smart Card
- Allow certificates with no extended key usage certificate attribute
- Allow ECC certificates to be used for logon and authentication
- Allow Integrated Unblock screen to be displayed at the time of logon
- Allow signature keys valid for Logon
- Allow time invalid certificates
- Allow user name hint
- Configure root certificate clean up
- Display string when smart card is blocked
- Filter duplicate logon certificates
- Force the reading of all certificates from the smart card
- Notify user of successful smart card driver installation
- Prevent plaintext PINs from being returned by Credential Manager
- Reverse the subject name stored in a certificate when displaying
- Turn on certificate propagation from smart card
- Turn on root certificate propagation from smart card
- Turn on Smart Card Plug and Play service
- Sound Recorder
- Tablet PC
- Accessories
- Cursors
- Handwriting personalization
- Hardware Buttons
- Input Panel
- Disable text prediction
- For tablet pen input, don't show the Input Panel icon
- For touch input, don't show the Input Panel icon
- Include rarely used Chinese, Kanji, or Hanja characters
- Prevent Input Panel tab from appearing
- Switch to the Simplified Chinese (PRC) gestures
- Turn off AutoComplete integration with Input Panel
- Turn off password security in Input Panel
- Turn off tolerant and Z-shaped scratch-out gestures
- Pen Flicks Learning
- Pen UX Behaviors
- Tablet PC Pen Training
- Touch Input
- Task Scheduler
- Windows Calendar
- Windows Color System
- Windows Customer Experience Improvement Program
- Windows Defender
- Check for New Signatures Before Scheduled Scans
- Configure Microsoft SpyNet Reporting
- Turn off Real-Time Monitoring
- Turn off Routinely Taking Action
- Turn off Windows Defender
- Turn on definition updates through both WSUS and the Microsoft Malware Protection Center
- Turn on definition updates through both WSUS and Windows Update
- Windows Error Reporting
- Advanced Error Reporting Settings
- Configure Corporate Windows Error Reporting
- Configure Report Archive
- Configure Report Queue
- Default application reporting settings
- List of applications to always report errors for
- List of applications to be excluded
- List of applications to never report errors for
- Report operating system errors
- Report unplanned shutdown events
- Consent
- Configure Error Reporting
- Disable Logging
- Disable Windows Error Reporting
- Display Error Notification
- Do not send additional data
- Prevent display of the user interface for critical errors
- Advanced Error Reporting Settings
- Windows Explorer
- Previous Versions
- Disable binding directly to IPropertySetStorage without intermediate layers.
- Set a support web page link
- Turn off Data Execution Prevention for Explorer
- Turn off heap termination on corruption
- Turn off numerical sorting in Windows Explorer
- Turn off shell protocol protected mode
- Verify old and new Folder Redirection targets point to the same share before redirecting
- Windows Installer
- Allow admin to install from Remote Desktop Services session
- Always install with elevated privileges
- Baseline file cache maximum size
- Cache transforms in secure location on workstation
- Disable IE security prompt for Windows Installer scripts
- Disable logging via package settings
- Disable Windows Installer
- Enable user control over installs
- Enable user to browse for source while elevated
- Enable user to patch elevated products
- Enable user to use media source while elevated
- Enforce upgrade component rules
- Logging
- Prohibit Flyweight Patching
- Prohibit non-administrators from applying vendor signed updates
- Prohibit patching
- Prohibit removal of updates
- Prohibit rollback
- Prohibit Use of Restart Manager
- Prohibit User Installs
- Remove browse dialog box for new source
- Turn off creation of System Restore Checkpoints
- Windows Logon Options
- Windows Mail
- Windows Media Center
- Windows Media Digital Rights Management
- Windows Media Player
- Windows Messenger
- Windows Mobility Center
- Windows Reliability Analysis
- Windows Remote Management (WinRM)
- WinRM Client
- WinRM Service
- Allow automatic configuration of listeners
- Allow Basic authentication
- Allow CredSSP authentication
- Allow unencrypted traffic
- Disallow Kerberos authentication
- Disallow Negotiate authentication
- Specify channel binding token hardening level
- Turn On Compatibility HTTP Listener
- Turn On Compatibility HTTPS Listener
- Windows Remote Shell
- Windows SideShow
- Windows System Resource Manager
- Windows Update
- Allow Automatic Updates immediate installation
- Allow non-administrators to receive update notifications
- Allow signed updates from an intranet Microsoft update service location
- Automatic Updates detection frequency
- Configure Automatic Updates
- Delay Restart for scheduled installations
- Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box
- Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box
- Enable client-side targeting
- Enabling Windows Update Power Management to automatically wake up the system to install scheduled updates
- No auto-restart with logged on users for scheduled automatic updates installations
- Re-prompt for restart with scheduled installations
- Reschedule Automatic Updates scheduled installations
- Specify intranet Microsoft update service location
- Turn on recommended updates via Automatic Updates
- Turn on Software Notifications
- Control Panel
- Add or Remove Programs
- Go directly to Components Wizard
- Hide Add/Remove Windows Components page
- Hide Add New Programs page
- Hide Change or Remove Programs page
- Hide the "Add a program from CD-ROM or floppy disk" option
- Hide the "Add programs from Microsoft" option
- Hide the "Add programs from your network" option
- Hide the Set Program Access and Defaults page
- Remove Add or Remove Programs
- Remove Support Information
- Specify default category for Add New Programs
- Display
- Personalization
- Enable screen saver
- Force a specific visual style file or force Windows Classic
- Force specific screen saver
- Load a specific theme
- Password protect the screen saver
- Prevent changing color scheme
- Prevent changing desktop background
- Prevent changing desktop icons
- Prevent changing mouse pointers
- Prevent changing screen saver
- Prevent changing sounds
- Prevent changing theme
- Prevent changing visual style for windows and buttons
- Prevent changing window color and appearance
- Prohibit selection of visual style font size
- Screen saver timeout
- Printers
- Programs
- Regional and Language Options
- Hide Regional and Language Options administrative options
- Hide the geographic location option
- Hide the select language group options
- Hide user locale selection and customization options
- Restrict selection of Windows menus and dialogs language
- Restricts the UI languages Windows should use for the selected user
- Always open All Control Panel Items when opening Control Panel
- Hide specified Control Panel items
- Prohibit access to Control Panel and PC settings
- Show only specified Control Panel items
- Add or Remove Programs
- Desktop
- Active Directory
- Desktop
- Don't save settings at exit
- Do not add shares of recently opened documents to Network Locations
- Hide and disable all items on the desktop
- Hide Internet Explorer icon on desktop
- Hide Network Locations icon on desktop
- Prevent adding, dragging, dropping and closing the Taskbar's toolbars
- Prohibit adjusting desktop toolbars
- Prohibit User from manually redirecting Profile Folders
- Remove Computer icon on the desktop
- Remove My Documents icon on the desktop
- Remove Properties from the Computer icon context menu
- Remove Properties from the Documents icon context menu
- Remove Properties from the Recycle Bin context menu
- Remove Recycle Bin icon from desktop
- Remove the Desktop Cleanup Wizard
- Turn off Aero Shake window minimizing mouse gesture
- Network
- Network Connections
- Ability to change properties of an all user remote access connection
- Ability to delete all user remote access connections
- Ability to Enable/Disable a LAN connection
- Ability to rename all user remote access connections
- Ability to rename LAN connections
- Ability to rename LAN connections or remote access connections available to all users
- Enable Windows 2000 Network Connections settings for Administrators
- Prohibit access to properties of a LAN connection
- Prohibit access to properties of components of a LAN connection
- Prohibit access to properties of components of a remote access connection
- Prohibit access to the Advanced Settings item on the Advanced menu
- Prohibit access to the New Connection Wizard
- Prohibit access to the Remote Access Preferences item on the Advanced menu
- Prohibit adding and removing components for a LAN or remote access connection
- Prohibit changing properties of a private remote access connection
- Prohibit connecting and disconnecting a remote access connection
- Prohibit deletion of remote access connections
- Prohibit Enabling/Disabling components of a LAN connection
- Prohibit renaming private remote access connections
- Prohibit TCP/IP advanced configuration
- Prohibit viewing of status for an active connection
- Turn off notifications when a connection has only limited or no connectivity
- Offline Files
- Action on server disconnect
- Administratively assigned offline files
- Event logging level
- Initial reminder balloon lifetime
- Non-default server disconnect actions
- Prevent use of Offline Files folder
- Prohibit 'Make Available Offline' for these file and folders
- Prohibit user configuration of Offline Files
- Reminder balloon frequency
- Reminder balloon lifetime
- Remove 'Make Available Offline'
- Synchronize all offline files before logging off
- Synchronize all offline files when logging on
- Synchronize offline files before suspend
- Turn off reminder balloons
- Windows Connect Now
- Network Connections
- Start Menu and Taskbar
- Add "Run in Separate Memory Space" check box to Run dialog box
- Add Logoff to the Start Menu
- Add Search Internet link to Start Menu
- Add the Run command to the Start Menu
- Change Start Menu power button
- Clear history of recently opened documents on exit
- Clear the recent programs list for new users
- Do not allow pinning items in Jump Lists
- Do not allow pinning programs to the Taskbar
- Do not display any custom toolbars in the taskbar
- Do not display or track items in Jump Lists from remote locations
- Do not keep history of recently opened documents
- Do not search communications
- Do not search for files
- Do not search Internet
- Do not search programs and Control Panel items
- Do not use the search-based method when resolving shell shortcuts
- Do not use the tracking-based method when resolving shell shortcuts
- Force classic Start Menu
- Gray unavailable Windows Installer programs Start Menu shortcuts
- Hide the notification area
- Lock all taskbar settings
- Lock the Taskbar
- Prevent changes to Taskbar and Start Menu Settings
- Prevent grouping of taskbar items
- Prevent users from adding or removing toolbars
- Prevent users from moving taskbar to another screen dock location
- Prevent users from rearranging toolbars
- Prevent users from resizing the taskbar
- Remove access to the context menus for the taskbar
- Remove All Programs list from the Start menu
- Remove and prevent access to the Shut Down, Restart, Sleep, and Hibernate commands
- Remove Balloon Tips on Start Menu items
- Remove Clock from the system notification area
- Remove common program groups from Start Menu
- Remove Default Programs link from the Start menu.
- Remove Documents icon from Start Menu
- Remove Downloads link from Start Menu
- Remove drag-and-drop and context menus on the Start Menu
- Remove Favorites menu from Start Menu
- Remove frequent programs list from the Start Menu
- Remove Games link from Start Menu
- Remove Help menu from Start Menu
- Remove Homegroup link from Start Menu
- Remove links and access to Windows Update
- Remove Logoff on the Start Menu
- Remove Music icon from Start Menu
- Remove Network Connections from Start Menu
- Remove Network icon from Start Menu
- Remove Pictures icon from Start Menu
- Remove pinned programs from the Taskbar
- Remove pinned programs list from the Start Menu
- Remove programs on Settings menu
- Remove Recent Items menu from Start Menu
- Remove Recorded TV link from Start Menu
- Remove Run menu from Start Menu
- Remove Search Computer link
- Remove Search link from Start Menu
- Remove See More Results / Search Everywhere link
- Remove the "Undock PC" button from the Start Menu
- Remove the Action Center icon
- Remove the battery meter
- Remove the networking icon
- Remove the volume control icon
- Remove user's folders from the Start Menu
- Remove user folder link from Start Menu
- Remove user name from Start Menu
- Remove Videos link from Start Menu
- Show QuickLaunch on Taskbar
- Turn off all balloon notifications
- Turn off automatic promotion of notification icons to the taskbar
- Turn off feature advertisement balloon notifications
- Turn off notification area cleanup
- Turn off taskbar thumbnails
- Turn off user tracking
- System
- Ctrl+Alt+Del Options
- Driver Installation
- Folder Redirection
- Group Policy
- Create new Group Policy object links disabled by default
- Default name for new Group Policy objects
- Disallow Interactive Users from generating Resultant Set of Policy data
- Enforce Show Policies Only
- Group Policy domain controller selection
- Group Policy refresh interval for users
- Group Policy slow link detection
- Turn off automatic update of ADM files
- Internet Communication Management
- Internet Communication settings
- Turn off downloading of print drivers over HTTP
- Turn off handwriting personalization data sharing
- Turn off handwriting recognition error reporting
- Turn off Help Experience Improvement Program
- Turn off Help Ratings
- Turn off Internet download for Web publishing and online ordering wizards
- Turn off Internet File Association service
- Turn off printing over HTTP
- Turn off the "Order Prints" picture task
- Turn off the "Publish to Web" task for files and folders
- Turn off the Windows Messenger Customer Experience Improvement Program
- Turn off Windows Online
- Restrict Internet communication
- Internet Communication settings
- Locale Services
- Logon
- Performance Control Panel
- Power Management
- Removable Storage Access
- All Removable Storage classes: Deny all access
- CD and DVD: Deny read access
- CD and DVD: Deny write access
- Custom Classes: Deny read access
- Custom Classes: Deny write access
- Floppy Drives: Deny read access
- Floppy Drives: Deny write access
- Removable Disks: Deny read access
- Removable Disks: Deny write access
- Tape Drives: Deny read access
- Tape Drives: Deny write access
- Time (in seconds) to force reboot
- WPD Devices: Deny read access
- WPD Devices: Deny write access
- Scripts
- User Profiles
- Windows HotStart
- Century interpretation for Year 2000
- Custom User Interface
- Don't display the Getting Started welcome screen at logon
- Don't run specified Windows applications
- Download missing COM components
- Prevent access to registry editing tools
- Prevent access to the command prompt
- Restrict these programs from being launched from Help
- Run only specified Windows applications
- Windows Automatic Updates
- Windows Components
- Add features to Windows 8.1
- Application Compatibility
- Attachment Manager
- Default risk level for file attachments
- Do not preserve zone information in file attachments
- Hide mechanisms to remove zone information
- Inclusion list for high risk file types
- Inclusion list for low file types
- Inclusion list for moderate risk file types
- Notify antivirus programs when opening attachments
- Trust logic for file attachments
- AutoPlay Policies
- Backup
- Client
- Prevent backing up to local disks
- Prevent backing up to network location
- Prevent backing up to optical media (CD/DVD)
- Prevent the user from running the Backup Status and Configuration program
- Turn off restore functionality
- Turn off the ability to back up data files
- Turn off the ability to create a system image
- Client
- Desktop Gadgets
- Desktop Window Manager
- Digital Locker
- Instant Search
- Internet Explorer
- Accelerators
- Administrator Approved Controls
- Application Compatibility
- Enable cut, copy or paste operations from the clipboard if URLACTION_SCRIPT_PASTE is set to Prompt
- Browser menus
- Disable Context menu
- Disable Open in New Window menu option
- Disable Save this program to disk option
- File menu: Disable closing the browser and Explorer windows
- File menu: Disable New menu option
- File menu: Disable Open menu option
- File menu: Disable Save As... menu option
- File menu: Disable Save As Web Page Complete
- Help menu: Remove 'For Netscape Users' menu option
- Help menu: Remove 'Send Feedback' menu option
- Help menu: Remove 'Tip of the Day' menu option
- Help menu: Remove 'Tour' menu option
- Hide Favorites menu
- Tools menu: Disable Internet Options... menu option
- Turn off Print Menu
- View menu: Disable Full Screen menu option
- View menu: Disable Source menu option
- Compatibility View
- Delete Browsing History
- Configure Delete Browsing History on exit
- Disable "Configuring History"
- Prevent Deleting Cookies
- Prevent Deleting Favorites Site Data
- Prevent Deleting Form Data
- Prevent Deleting InPrivate Filtering data
- Prevent Deleting Passwords
- Prevent Deleting Temporary Internet Files
- Prevent Deleting Web sites that the User has Visited
- Prevent the deletion of temporary Internet files and cookies
- Turn off "Delete Browsing History" functionality
- InPrivate
- Internet Control Panel
- Advanced Page
- Allow active content from CDs to run on user machines
- Allow Install On Demand (except Internet Explorer)
- Allow Install On Demand (Internet Explorer)
- Allow software to run or install even if the signature is invalid
- Allow third-party browser extensions
- Automatically check for Internet Explorer updates
- Check for server certificate revocation
- Check for signatures on downloaded programs
- Do not allow resetting Internet Explorer settings
- Do not save encrypted pages to disk
- Empty Temporary Internet Files folder when browser is closed
- Play animations in web pages
- Play sounds in web pages
- Play videos in web pages
- Turn off ClearType
- Turn off Encryption Support
- Turn off Profile Assistant
- Turn on Caret Browsing support
- Use HTTP 1.1 through proxy connections
- Use HTTP 1.1
- Security Page
- Internet Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Intranet Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Local Machine Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Internet Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Intranet Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Local Machine Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Restricted Sites Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Locked-Down Trusted Sites Zone
- Access data sources across domains
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Restricted Sites Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Trusted Sites Zone
- Access data sources across domains
- Allow active content over restricted protocols to access my computer
- Allow active scripting
- Allow binary and script behaviors
- Allow cut, copy or paste operations from the clipboard via script
- Allow drag and drop or copy and paste files
- Allow file downloads
- Allow font downloads
- Allow installation of desktop items
- Allow META REFRESH
- Allow OpenSearch queries in Windows Explorer
- Allow previewing and custom thumbnails of OpenSearch query results in Windows Explorer
- Allow script-initiated windows without size or position constraints
- Allow scripting of Internet Explorer web browser control
- Allow Scriptlets
- Allow status bar updates via script
- Allow video and animation on a Web page that uses a legacy media player
- Allow websites to open windows without address or status bars
- Allow websites to prompt for information using scripted windows
- Automatic prompting for ActiveX controls
- Automatic prompting for file downloads
- Disable .NET Framework Setup
- Display mixed content
- Do not prompt for client certificate selection when no certificates or only one certificate exists.
- Download signed ActiveX controls
- Download unsigned ActiveX controls
- Include local directory path when uploading files to a server
- Initialize and script ActiveX controls not marked as safe
- Java permissions
- Launching applications and files in an IFRAME
- Launching programs and unsafe files
- Logon options
- Loose XAML files
- Only allow approved domains to use ActiveX controls without prompt
- Open files based on content, not file extension
- Run .NET Framework-reliant components not signed with Authenticode
- Run .NET Framework-reliant components signed with Authenticode
- Run ActiveX controls and plugins
- Script ActiveX controls marked safe for scripting
- Scripting of Java applets
- Software channel permissions
- Submit non-encrypted form data
- Turn Off First-Run Opt-In
- Turn on Cross-Site Scripting (XSS) Filter
- Turn on Protected Mode
- Use Pop-up Blocker
- Userdata persistence
- Use SmartScreen Filter
- Web sites in less privileged Web content zones can navigate into this zone
- XAML browser applications
- XPS documents
- Internet Zone Template
- Intranet Sites: Include all local (intranet) sites not listed in other zones
- Intranet Sites: Include all network paths (UNCs)
- Intranet Sites: Include all sites that bypass the proxy server
- Intranet Zone Template
- Local Machine Zone Template
- Locked-Down Internet Zone Template
- Locked-Down Intranet Zone Template
- Locked-Down Local Machine Zone Template
- Locked-Down Restricted Sites Zone Template
- Locked-Down Trusted Sites Zone Template
- Restricted Sites Zone Template
- Site to Zone Assignment List
- Trusted Sites Zone Template
- Turn on automatic detection of the intranet
- Turn on Information bar notification for intranet content
- Turn on Warn about Certificate Address Mismatch
- Internet Zone
- Disable the Advanced page
- Disable the Connections page
- Disable the Content page
- Disable the General page
- Disable the Privacy page
- Disable the Programs page
- Disable the Security page
- Prevent ignoring certificate errors
- Send internationalized domain names
- Use UTF-8 for mailto links
- Advanced Page
- Internet Settings
- Advanced settings
- Browsing
- Internet Connection Wizard Settings
- Multimedia
- Printing
- Searching
- Signup Settings
- AutoComplete
- Display settings
- General Colors
- Link Colors
- Prevent users from choosing default text size
- URL Encoding
- Advanced settings
- Offline Pages
- Disable adding channels
- Disable adding schedules for offline pages
- Disable all scheduled offline pages
- Disable channel user interface completely
- Disable downloading of site subscription content
- Disable editing and creating of schedule groups
- Disable editing schedules for offline pages
- Disable offline page hit logging
- Disable removing channels
- Disable removing schedules for offline pages
- Subscription Limits
- Persistence Behavior
- Security Features
- Add-on Management
- AJAX
- Binary Behavior Security Restriction
- Consistent Mime Handling
- Information Bar
- Local Machine Zone Lockdown Security
- Mime Sniffing Safety Feature
- MK Protocol Security Restriction
- Network Protocol Lockdown
- Object Caching Protection
- Protection From Zone Elevation
- Restrict ActiveX Install
- Restrict File Download
- Scripted Window Security Restrictions
- Turn off Data URI Support
- Toolbars
- Auto-hide the Toolbars
- Configure Toolbar Buttons
- Customize Command Labels
- Disable customizing browser toolbar buttons
- Disable customizing browser toolbars
- Hide the Command Bar
- Hide the Status Bar
- Lock all Toolbars
- Set location of Stop and Refresh buttons
- Turn off Developer Tools
- Turn off toolbar upgrade tool
- Use large Icons for Command Buttons
- Add a specific list of search providers to the user's search provider list
- Configure Media Explorer Bar
- Configure new tab page default behavior
- Configure Outlook Express
- Customize User Agent String
- Disable AutoComplete for forms
- Disable caching of Auto-Proxy scripts
- Disable changing accessibility settings
- Disable changing Advanced page settings
- Disable changing Automatic Configuration settings
- Disable changing Calendar and Contact settings
- Disable changing certificate settings
- Disable changing color settings
- Disable changing connection settings
- Disable changing default browser check
- Disable changing font settings
- Disable changing home page settings
- Disable changing language settings
- Disable changing link color settings
- Disable changing Messaging settings
- Disable changing Profile Assistant settings
- Disable changing proxy settings
- Disable changing ratings settings
- Disable changing secondary home page settings
- Disable changing Temporary Internet files settings
- Disable external branding of Internet Explorer
- Disable Import/Export Settings wizard
- Disable Internet Connection wizard
- Disable Per-User Installation of ActiveX Controls
- Disable the Reset Web Settings feature
- Display error message on proxy script download failure
- Do not allow users to enable or disable add-ons
- Enforce Full Screen Mode
- Identity Manager: Prevent users from using Identities
- Only use the ActiveX Installer Service for installation of ActiveX Controls
- Pop-up allow list
- Prevent "Fix settings" functionality
- Prevent Bypassing SmartScreen Filter Warnings
- Prevent Internet Explorer Search box from displaying
- Prevent participation in the Customer Experience Improvement Program
- Prevent performance of First Run Customize settings
- Restrict changing the default search provider
- Restrict search providers to a specific list of providers
- Search: Disable Find Files via F3 within the browser
- Search: Disable Search Customization
- Set tab process growth
- Turn off ActiveX opt-in prompt
- Turn off Automatic Crash Recovery Prompt
- Turn off configuration of default behavior of new tab creation
- Turn off configuration of tabbed browsing pop-up behavior
- Turn off configuration of window reuse
- Turn off Crash Detection
- Turn off displaying the Internet Explorer Help Menu
- Turn off Favorites bar
- Turn off Managing Phishing filter
- Turn off Managing Pop-up Allow list
- Turn off managing Pop-up filter level
- Turn off Managing SmartScreen Filter
- Turn off page zooming functionality
- Turn off pop-up management
- Turn off Quick Tabs functionality
- Turn off Reopen Last Browsing Session
- Turn off suggestions for all user-installed providers
- Turn off tabbed browsing
- Turn off Tab Grouping
- Turn off the activation of the quick pick menu
- Turn off the auto-complete feature for web addresses
- Turn off the Security Settings Check feature
- Turn on Compatibility Logging
- Turn on menu bar by default
- Turn on Suggested Sites
- Turn on the auto-complete feature for user names and passwords on forms
- Use Automatic Detection for dial-up connections
- Location and Sensors
- Microsoft Management Console
- Restricted/Permitted snap-ins
- Extension snap-ins
- AppleTalk Routing
- Authorization Manager
- Certification Authority Policy Settings
- Connection Sharing (NAT)
- DCOM Configuration Extension
- Device Manager
- DFS Management Extension
- DHCP Relay Management
- Disk Management Extension
- Event Viewer (Windows Vista)
- Event Viewer
- Extended View (Web View)
- File Server Resource Manager Extension
- IAS Logging
- IGMP Routing
- IP Routing
- IPX RIP Routing
- IPX Routing
- IPX SAP Routing
- Logical and Mapped Drives
- OSPF Routing
- Public Key Policies
- RAS Dialin - User Node
- Remote Access
- Removable Storage
- RIP Routing
- Routing
- Send Console Message
- Service Dependencies
- SMTP Protocol
- SNMP
- Storage Manager for SANS Extension
- System Properties
- Group Policy
- Group Policy snap-in extensions
- Administrative Templates (Computers)
- Administrative Templates (Users)
- Folder Redirection
- Internet Explorer Maintenance
- IP Security Policy Management
- NAP Client Configuration
- Remote Installation Services
- Scripts (Logon/Logoff)
- Scripts (Startup/Shutdown)
- Security Settings
- Software Installation (Computers)
- Software Installation (Users)
- Windows Firewall with Advanced Security
- Wired Network (IEEE 802.3) Policies
- Wireless Network (IEEE 802.11) Policies
- Preference snap-in extensions
- Permit use of Application snap-ins
- Permit use of Applications preference extension
- Permit use of Control Panel Settings (Computers)
- Permit use of Control Panel Settings (Users)
- Permit use of Data Sources preference extension
- Permit use of Devices preference extension
- Permit use of Drive Maps preference extension
- Permit use of Environment preference extension
- Permit use of Files preference extension
- Permit use of Folder Options preference extension
- Permit use of Folders preference extension
- Permit use of Ini Files preference extension
- Permit use of Internet Settings preference extension
- Permit use of Local Users and Groups preference extension
- Permit use of Network Options preference extension
- Permit use of Power Options preference extension
- Permit use of Preferences tab
- Permit use of Printers preference extension
- Permit use of Regional Options preference extension
- Permit use of Registry preference extension
- Permit use of Scheduled Tasks preference extension
- Permit use of Services preference extension
- Permit use of Shortcuts preference extension
- Permit use of Start Menu preference extension
- Resultant Set of Policy snap-in extensions
- Group Policy Management Editor
- Group Policy Management
- Group Policy Object Editor
- Group Policy Starter GPO Editor
- Group Policy tab for Active Directory Tools
- Resultant Set of Policy snap-in
- Group Policy snap-in extensions
- .Net Framework Configuration
- Active Directory Domains and Trusts
- Active Directory Sites and Services
- Active Directory Users and Computers
- ActiveX Control
- ADSI Edit
- Certificates
- Certificate Templates
- Certification Authority
- Component Services
- Computer Management
- Device Manager
- DFS Management
- Disk Defragmenter
- Disk Management
- Distributed File System
- Enterprise PKI
- Event Viewer (Windows Vista)
- Event Viewer
- Failover Clusters Manager
- FAX Service
- File Server Resource Manager
- FrontPage Server Extensions
- Health Registration Authority (HRA)
- Indexing Service
- Internet Authentication Service (IAS)
- Internet Information Services
- IP Security Monitor
- IP Security Policy Management
- Link to Web Address
- Local Users and Groups
- NAP Client Configuration
- Network Policy Server (NPS)
- Online Responder
- Performance Logs and Alerts
- QoS Admission Control
- Remote Desktop Services Configuration
- Remote Desktops
- Removable Storage Management
- Routing and Remote Access
- Security Configuration and Analysis
- Security Templates
- Server Manager
- Services
- Storage Manager for SANs
- System Information
- Telephony
- TPM Management
- Windows Firewall with Advanced Security
- Wireless Monitor
- WMI Control
- Extension snap-ins
- Restrict the user from entering author mode
- Restrict users to the explicitly permitted list of snap-ins
- Restricted/Permitted snap-ins
- NetMeeting
- Application Sharing
- Audio & Video
- Options Page
- Allow persisting automatic acceptance of Calls
- Disable Chat
- Disable Directory services
- Disable NetMeeting 2.x Whiteboard
- Disable Whiteboard
- Enable Automatic Configuration
- Limit the size of sent files
- Prevent adding Directory servers
- Prevent automatic acceptance of Calls
- Prevent changing Call placement method
- Prevent receiving files
- Prevent sending files
- Prevent viewing Web directory
- Set Call Security options
- Set the intranet support Web page
- Network Projector
- Network Sharing
- Presentation Settings
- Remote Desktop Services
- RD Gateway
- Remote Desktop Connection Client
- Remote Desktop Session Host
- Connections
- Device and Resource Redirection
- Printer Redirection
- Remote Session Environment
- Session Time Limits
- RSS Feeds
- Search
- Sound Recorder
- Tablet PC
- Accessories
- Cursors
- Handwriting personalization
- Hardware Buttons
- Input Panel
- Disable text prediction
- For tablet pen input, don't show the Input Panel icon
- For touch input, don't show the Input Panel icon
- Include rarely used Chinese, Kanji, or Hanja characters
- Prevent Input Panel tab from appearing
- Switch to the Simplified Chinese (PRC) gestures
- Turn off AutoComplete integration with Input Panel
- Turn off password security in Input Panel
- Turn off tolerant and Z-shaped scratch-out gestures
- Pen Flicks Learning
- Pen UX Behaviors
- Tablet PC Pen Training
- Touch Input
- Task Scheduler
- Windows Calendar
- Windows Color System
- Windows Error Reporting
- Windows Explorer
- Common Open File Dialog
- Explorer Frame Pane
- Previous Versions
- Allow only per user or approved shell extensions
- Disable binding directly to IPropertySetStorage without intermediate layers.
- Disable Known Folders
- Display confirmation dialog when deleting files
- Display the menu bar in File Explorer
- Do not display the Welcome Center at user logon
- Do not move deleted files to the Recycle Bin
- Do not request alternate credentials
- Do not track Shell shortcuts during roaming
- Hides the Manage item on the Windows Explorer context menu
- Hide these specified drives in My Computer
- Maximum allowed Recycle Bin size
- Maximum number of recent documents
- No Computers Near Me in Network Locations
- No Entire Network in Network Locations
- Pin Internet search sites to the "Search again" links and the Start menu
- Pin Libraries or Search Connectors to the "Search again" links and the Start menu
- Prevent access to drives from My Computer
- Prevent users from adding files to the root of their Users Files folder.
- Remove "Map Network Drive" and "Disconnect Network Drive"
- Remove CD Burning features
- Remove DFS tab
- Remove File menu from Windows Explorer
- Remove Hardware tab
- Remove Search button from Windows Explorer
- Remove Security tab
- Removes the Folder Options menu item from the Tools menu
- Remove the Search the Internet "Search again" link
- Remove UI to change menu animation setting
- Remove Windows Explorer's default context menu
- Request credentials for network installations
- Turn off caching of thumbnail pictures
- Turn off common control and window animations
- Turn off display of recent search entries in the Windows Explorer search box
- Turn off numerical sorting in Windows Explorer
- Turn off shell protocol protected mode
- Turn off the caching of thumbnails in hidden thumbs.db files
- Turn off the display of snippets in Content view mode
- Turn off the display of thumbnails and only display icons.
- Turn off the display of thumbnails and only display icons on network folders
- Turn off Windows+X hotkeys
- Turn off Windows Libraries features that rely on indexed file data
- Turn on Classic Shell
- Windows Installer
- Windows Logon Options
- Windows Mail
- Windows Media Center
- Windows Media Player
- Networking
- Playback
- User Interface
- Prevent CD and DVD Media Information Retrieval
- Prevent Music File Media Information Retrieval
- Prevent Radio Station Preset Retrieval
- Windows Messenger
- Windows Mobility Center
- Windows SideShow
- Windows Update