Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
_OE-C-Browser_IE_11
Data collected on: 04.10.2021 15:03:14
General
Details
Domainkit.edu
OwnerKIT\Domain Admins
Created28.09.2021 13:41:14
Modified28.09.2021 13:41:14
User Revisions1 (AD), 1 (SYSVOL)
Computer Revisions1 (AD), 1 (SYSVOL)
Unique ID{79E9E0F1-EBD0-47C6-AEB7-7CD5B72404D2}
GPO StatusUser settings disabled
Links
LocationEnforcedLink StatusPath
BSI-TestNoEnabledkit.edu/KIT/Staff/SCC/Betrieb/CMK/Rechnerkonten/BSI-Test
TCS_GPO_TestNoEnabledkit.edu/KIT/Staff/SCC/Dienste/FMC/Rechnerkonten/TCS_GPO_Test

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
KIT\Domain AdminsEdit settings, delete, modify securityNo
KIT\Domain ComputersReadNo
KIT\Enterprise AdminsEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Policies
Administrative Templates
Policy definitions (ADMX files) retrieved from the central store.
Windows Components/Internet Explorer
PolicySettingComment
Allow Microsoft services to provide enhanced suggestions as the user types in the Address barDisabledMS
Disable Periodic Check for Internet Explorer software updatesEnabledMS
Prevent bypassing SmartScreen Filter warningsEnabledMS
Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the InternetEnabledMS
Prevent managing SmartScreen FilterEnabledMS
Select SmartScreen Filter modeOff
PolicySettingComment
Prevent per-user installation of ActiveX controlsEnabledMS
Security Zones: Do not allow users to add/delete sitesEnabledMS
Security Zones: Do not allow users to change policiesEnabledMS
Security Zones: Use only machine settings Not ConfiguredMS
Specify use of ActiveX Installer Service for installation of ActiveX controlsEnabledMS
Turn off browser geolocationEnabledMS
Turn off Crash DetectionEnabledMS
Turn off the auto-complete feature for web addressesNot ConfiguredMS
Turn off the Security Settings Check featureDisabledMS
Turn on Suggested SitesDisabledMS
Windows Components/Internet Explorer/Compatibility View
PolicySettingComment
Turn off Compatibility ViewEnabledMS
Windows Components/Internet Explorer/Internet Control Panel
PolicySettingComment
Prevent ignoring certificate errorsEnabledMS
Windows Components/Internet Explorer/Internet Control Panel/Advanced Page
PolicySettingComment
Allow software to run or install even if the signature is invalidDisabledMS
Check for server certificate revocationEnabledMS
Check for signatures on downloaded programsEnabledMS
Do not allow ActiveX controls to run in Protected Mode when Enhanced Protected Mode is enabledEnabledMS
Turn off encryption supportEnabledMS
Secure Protocol combinationsUse TLS 1.1 and TLS 1.2
PolicySettingComment
Turn off the flip ahead with page prediction featureEnabledMS
Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of WindowsEnabledMS
Turn on Enhanced Protected ModeEnabledMS
Windows Components/Internet Explorer/Internet Control Panel/Security Page
PolicySettingComment
Intranet Sites: Include all network paths (UNCs)EnabledMS
Intranet Sites: Include all sites that bypass the proxy serverEnabledgp-pack
Site to Zone Assignment ListEnabled
Enter the zone assignments here. 
*://*.aussenstellen.dbw.local2
*://*.eob.ads2
*://*.extern.rzei.ads2
*://*.bistum.limburg2
*://*.PARBG.local2
*://*.53cvhosting.local2
*://*.ordinariat-dresden.de2
*://*.kita-passau.local2
*://*.ktb.ads2
*://*.blm.local2
*://*.rzei.ads2
*://*.bistum-passau.local2
*://*.eo-ba.directory2
*://*.EAB.ads2
*://*.pfarrei.dbw.local2
*://*.ktrbg.local2
*://*.wstj.local2
*://*.dbw.local2
*://*.DEMABG00.da.de2
*://*.schule.ds-rebdorf.lokal2
*://*.cvnbg.local2
*://*.pfarrei-bddmei.intern2
*://*.D72BOA.LOC2
*://*.cfe.kirche-bayern.de1
*://*.rz-eichstaett.de2
*://*.kdac.de2
PolicySettingComment
Turn on certificate address mismatch warningEnabledMS
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Internet Zone
PolicySettingComment
Access data sources across domainsEnabledMS
Access data sources across domainsDisable
PolicySettingComment
Allow cut, copy or paste operations from the clipboard via scriptEnabledMS
Allow paste operations via scriptDisable
PolicySettingComment
Allow drag and drop or copy and paste filesEnabledMS
Allow drag and drop or copy and paste filesDisable
PolicySettingComment
Allow loading of XAML filesEnabledMS
XAML FilesDisable
PolicySettingComment
Allow only approved domains to use ActiveX controls without promptEnabledMS
Only allow approved domains to use ActiveX controls without promptEnable
PolicySettingComment
Allow only approved domains to use the TDC ActiveX controlEnabledMS
Only allow approved domains to use the TDC ActiveX controlEnable
PolicySettingComment
Allow scripting of Internet Explorer WebBrowser controlsEnabledMS
Internet Explorer web browser controlDisable
PolicySettingComment
Allow script-initiated windows without size or position constraintsEnabledMS
Allow script-initiated windows without size or position constraintsDisable
PolicySettingComment
Allow scriptletsEnabledMS
ScriptletsDisable
PolicySettingComment
Allow updates to status bar via scriptEnabledMS
Status bar updates via scriptDisable
PolicySettingComment
Allow VBScript to run in Internet ExplorerEnabledMS
Allow VBScript to run in Internet ExplorerDisable
PolicySettingComment
Automatic prompting for file downloadsEnabledMS
Automatic prompting for file downloadsDisable
PolicySettingComment
Don't run antimalware programs against ActiveX controlsEnabledMS
Don't run antimalware programs against ActiveX controlsDisable
PolicySettingComment
Download signed ActiveX controlsEnabledMS
Download signed ActiveX controlsDisable
PolicySettingComment
Download unsigned ActiveX controlsEnabledMS
Download unsigned ActiveX controlsDisable
PolicySettingComment
Enable dragging of content from different domains across windowsEnabledMS
Enable dragging of content from different domains across windowsDisable
PolicySettingComment
Enable dragging of content from different domains within a windowEnabledMS
Enable dragging of content from different domains within a windowDisable
PolicySettingComment
Include local path when user is uploading files to a serverEnabledMS
Include local directory path when uploading files to a serverDisable
PolicySettingComment
Initialize and script ActiveX controls not marked as safeEnabledMS
Initialize and script ActiveX controls not marked as safeDisable
PolicySettingComment
Java permissionsEnabledMS
Java permissionsDisable Java
PolicySettingComment
Launching applications and files in an IFRAMEEnabledMS
Launching applications and files in an IFRAMEDisable
PolicySettingComment
Logon optionsEnabledMS
Logon optionsPrompt for user name and password
PolicySettingComment
Navigate windows and frames across different domainsEnabledMS
Navigate windows and frames across different domainsDisable
PolicySettingComment
Run .NET Framework-reliant components not signed with AuthenticodeEnabledMS
Run .NET Framework-reliant components not signed with AuthenticodeDisable
PolicySettingComment
Run .NET Framework-reliant components signed with AuthenticodeEnabledMS
Run .NET Framework-reliant components signed with AuthenticodeDisable
PolicySettingComment
Show security warning for potentially unsafe filesEnabledMS
Launching programs and unsafe filesPrompt
PolicySettingComment
Turn on Cross-Site Scripting FilterEnabledMS
Turn on Cross-Site Scripting (XSS) FilterEnable
PolicySettingComment
Turn on Protected ModeEnabledMS
Protected ModeEnable
PolicySettingComment
Turn on SmartScreen Filter scanEnabledMS
Use SmartScreen FilterEnable
PolicySettingComment
Use Pop-up BlockerEnabledMS
Use Pop-up BlockerEnable
PolicySettingComment
Userdata persistenceEnabledMS
Userdata persistenceDisable
PolicySettingComment
Web sites in less privileged Web content zones can navigate into this zoneEnabledMS
Web sites in less privileged Web content zones can navigate into this zoneDisable
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Intranet Zone
PolicySettingComment
Don't run antimalware programs against ActiveX controlsEnabledMS
Don't run antimalware programs against ActiveX controlsDisable
PolicySettingComment
Initialize and script ActiveX controls not marked as safeEnabledMS
Initialize and script ActiveX controls not marked as safeDisable
PolicySettingComment
Java permissionsEnabledMS
Java permissionsHigh safety
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Local Machine Zone
PolicySettingComment
Don't run antimalware programs against ActiveX controlsEnabledMS
Don't run antimalware programs against ActiveX controlsDisable
PolicySettingComment
Java permissionsEnabledMS
Java permissionsDisable Java
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Internet Zone
PolicySettingComment
Turn on SmartScreen Filter scanEnabledMS
Use SmartScreen FilterEnable
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Intranet Zone
PolicySettingComment
Java permissionsEnabledMS
Java permissionsDisable Java
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Local Machine Zone
PolicySettingComment
Java permissionsEnabledMS
Java permissionsDisable Java
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Restricted Sites Zone
PolicySettingComment
Java permissionsEnabledMS
Java permissionsDisable Java
PolicySettingComment
Turn on SmartScreen Filter scanEnabledMS
Use SmartScreen FilterEnable
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Locked-Down Trusted Sites Zone
PolicySettingComment
Java permissionsEnabledMS
Java permissionsDisable Java
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Restricted Sites Zone
PolicySettingComment
Access data sources across domainsEnabledMS
Access data sources across domainsDisable
PolicySettingComment
Allow active scriptingEnabledMS
Allow active scriptingDisable
PolicySettingComment
Allow binary and script behaviorsEnabledMS
Allow Binary and Script BehaviorsDisable
PolicySettingComment
Allow cut, copy or paste operations from the clipboard via scriptEnabledMS
Allow paste operations via scriptDisable
PolicySettingComment
Allow drag and drop or copy and paste filesEnabledMS
Allow drag and drop or copy and paste filesDisable
PolicySettingComment
Allow file downloadsEnabledMS
Allow file downloadsDisable
PolicySettingComment
Allow loading of XAML filesEnabledMS
XAML FilesDisable
PolicySettingComment
Allow META REFRESHEnabledMS
Allow META REFRESHDisable
PolicySettingComment
Allow only approved domains to use ActiveX controls without promptEnabledMS
Only allow approved domains to use ActiveX controls without promptEnable
PolicySettingComment
Allow only approved domains to use the TDC ActiveX controlEnabledMS
Only allow approved domains to use the TDC ActiveX controlEnable
PolicySettingComment
Allow scripting of Internet Explorer WebBrowser controlsEnabledMS
Internet Explorer web browser controlDisable
PolicySettingComment
Allow script-initiated windows without size or position constraintsEnabledMS
Allow script-initiated windows without size or position constraintsDisable
PolicySettingComment
Allow scriptletsEnabledMS
ScriptletsDisable
PolicySettingComment
Allow updates to status bar via scriptEnabledMS
Status bar updates via scriptDisable
PolicySettingComment
Allow VBScript to run in Internet ExplorerEnabledMS
Allow VBScript to run in Internet ExplorerDisable
PolicySettingComment
Automatic prompting for file downloadsEnabledMS
Automatic prompting for file downloadsDisable
PolicySettingComment
Don't run antimalware programs against ActiveX controlsEnabledMS
Don't run antimalware programs against ActiveX controlsDisable
PolicySettingComment
Download signed ActiveX controlsEnabledMS
Download signed ActiveX controlsDisable
PolicySettingComment
Download unsigned ActiveX controlsEnabledMS
Download unsigned ActiveX controlsDisable
PolicySettingComment
Enable dragging of content from different domains across windowsEnabledMS
Enable dragging of content from different domains across windowsDisable
PolicySettingComment
Enable dragging of content from different domains within a windowEnabledMS
Enable dragging of content from different domains within a windowDisable
PolicySettingComment
Include local path when user is uploading files to a serverEnabledMS
Include local directory path when uploading files to a serverDisable
PolicySettingComment
Initialize and script ActiveX controls not marked as safeEnabledMS
Initialize and script ActiveX controls not marked as safeDisable
PolicySettingComment
Java permissionsEnabledMS
Java permissionsDisable Java
PolicySettingComment
Launching applications and files in an IFRAMEEnabledMS
Launching applications and files in an IFRAMEDisable
PolicySettingComment
Logon optionsEnabledMS
Logon optionsAnonymous logon
PolicySettingComment
Navigate windows and frames across different domainsEnabledMS
Navigate windows and frames across different domainsDisable
PolicySettingComment
Run .NET Framework-reliant components not signed with AuthenticodeEnabledMS
Run .NET Framework-reliant components not signed with AuthenticodeDisable
PolicySettingComment
Run .NET Framework-reliant components signed with AuthenticodeEnabledMS
Run .NET Framework-reliant components signed with AuthenticodeDisable
PolicySettingComment
Run ActiveX controls and pluginsEnabledMS
Run ActiveX controls and pluginsDisable
PolicySettingComment
Script ActiveX controls marked safe for scriptingEnabledMS
Script ActiveX controls marked safe for scriptingDisable
PolicySettingComment
Scripting of Java appletsEnabledMS
Scripting of Java appletsDisable
PolicySettingComment
Show security warning for potentially unsafe filesEnabledMS
Launching programs and unsafe filesDisable
PolicySettingComment
Turn on Cross-Site Scripting FilterEnabledMS
Turn on Cross-Site Scripting (XSS) FilterEnable
PolicySettingComment
Turn on Protected ModeEnabledMS
Protected ModeEnable
PolicySettingComment
Turn on SmartScreen Filter scanEnabledMS
Use SmartScreen FilterEnable
PolicySettingComment
Use Pop-up BlockerEnabledMS
Use Pop-up BlockerEnable
PolicySettingComment
Userdata persistenceEnabledMS
Userdata persistenceDisable
PolicySettingComment
Web sites in less privileged Web content zones can navigate into this zoneEnabledMS
Web sites in less privileged Web content zones can navigate into this zoneDisable
Windows Components/Internet Explorer/Internet Control Panel/Security Page/Trusted Sites Zone
PolicySettingComment
Don't run antimalware programs against ActiveX controlsEnabledMS
Don't run antimalware programs against ActiveX controlsDisable
PolicySettingComment
Initialize and script ActiveX controls not marked as safeEnabledMS
Initialize and script ActiveX controls not marked as safeDisable
PolicySettingComment
Java permissionsEnabledMS
Java permissionsHigh safety
Windows Components/Internet Explorer/Security Features
PolicySettingComment
Allow fallback to SSL 3.0 (Internet Explorer)EnabledMS
Allow insecure fallback for:No Sites
Windows Components/Internet Explorer/Security Features/Add-on Management
PolicySettingComment
Remove "Run this time" button for outdated ActiveX controls in Internet Explorer EnabledMS
Turn off blocking of outdated ActiveX controls for Internet ExplorerDisabledMS
Windows Components/Internet Explorer/Security Features/Consistent Mime Handling
PolicySettingComment
Internet Explorer ProcessesEnabledMS
Windows Components/Internet Explorer/Security Features/Mime Sniffing Safety Feature
PolicySettingComment
Internet Explorer ProcessesEnabledMS
Windows Components/Internet Explorer/Security Features/MK Protocol Security Restriction
PolicySettingComment
Internet Explorer ProcessesEnabledMS
Windows Components/Internet Explorer/Security Features/Notification bar
PolicySettingComment
Internet Explorer ProcessesEnabledMS
Windows Components/Internet Explorer/Security Features/Protection From Zone Elevation
PolicySettingComment
Internet Explorer ProcessesEnabledMS
Windows Components/Internet Explorer/Security Features/Restrict ActiveX Install
PolicySettingComment
Internet Explorer ProcessesEnabledMS
Windows Components/Internet Explorer/Security Features/Restrict File Download
PolicySettingComment
Internet Explorer ProcessesEnabledMS
Windows Components/Internet Explorer/Security Features/Scripted Window Security Restrictions
PolicySettingComment
Internet Explorer ProcessesEnabledMS
User Configuration (Disabled)
No settings defined.