Windows 7 / Getting Started

---

Group Policy Settings for Internet Explorer 7 and Internet Explorer 8

Table below shows some examples of the more useful settings that apply to both Internet Explorer 7 and Internet Explorer 8. Settings marked as CC can be found at Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\. Settings marked as UC can be found at User Configuration\Administrative Templates \Windows Components\Internet Explorer\.

Group Policy Settings for Internet Explorer 7 and Internet Explorer 8

Setting	CC	UC	Description
Add A Specific List Of Search Providers To The User's Search Provider List	✓	✓	With the help of custom registry settings or a custom administrative template, you can configure custom search providers that will be accessible from the Search toolbar.
Turn Off Crash Detection	✓	✓	Allows you to disable Crash Detection, which automatically disables problematic add-ons. Enable this setting only if you have an internal add-on that is unreliable but still required.
Do Not Allow Users To Enable Or Disable Add-ons	✓	✓	Enable this setting to disable the Add-on Manager.
Turn On Menu Bar By Default	✓	✓	By default, Internet Explorer 7 does not display a menu bar. Users can display the menu bar by pressing the Alt key. Enable this setting to display the menu bar by default.
Disable Caching Of Auto-Proxy Scripts	✓	✓	If you use scripts to configure proxy settings, you can use this setting if you experience problems with script caching.
Disable External Branding Of Internet Explorer	✓	✓	Prevents the customization of logos and title bars in Internet Explorer and Microsoft Office Outlook Express. This custom branding often occurs when users install software from an Internet service provider.
Disable Changing Advanced Page Settings	✓	✓	Enable this policy to prevent users from changing security, multimedia, and printing settings from the Internet Options Advanced tab.
Customize User Agent String	✓	✓	Changes the user-agent string, which browsers use to identify the specific browser type and version to Web servers.
Use Automatic Detection For Dial-Up Connections	✓	✓	Disabled by default, you can enable this policy setting to allow Automatic Detection to use a Dynamic Host Configuration Protocol (DHCP) or Domain Name System (DNS) server to customize the browser the first time it starts.
Move The Menu Bar Above The Navigation Bar	✓	✓	Enable this policy setting to control the placement of the menu bar. If you don't set this, users can configure the location of the menu bar relative to the navigation bar by dragging it.
Turn Off Managing Pop-Up Filter Level	✓	✓	Use this setting to configure whether users can set the Pop-up Filter level. You can't set the Pop-up Filter level directly with this setting; you can only define whether or not users can manage the setting.
Turn Off The Security Settings Check Feature	✓	✓	By default, Internet Explorer will warn users if settings put them at risk. If you configure settings in such a way that Internet Explorer would warn the users, enable this setting to prevent the warning from appearing.
Turn On Compatibility Logging	✓	✓	Enable this setting to log the details of requests that Internet Explorer blocks. Typically, you need to enable this setting only when actively troubleshooting a problem with a Web site.
Enforce Full Screen Mode	✓	✓	Enable this policy only if using a computer as a Web-browsing kiosk.
Configure Media Explorer Bar	✓	✓	Enable this policy if you want to be able to disable the Media Explorer Bar. The Media Explorer Bar plays music and video content from the Internet. Keep in mind that multimedia content is used for legitimate, business-related Web sites more and more often, including replaying meetings and webcasts.
Prevent The Internet Explorer Search Box From Displaying	✓	✓	Enable this policy to force users to use the search provider you configure.
Restrict Changing The Default Search Provider	✓	✓	Enable this policy to hide the search box.
Pop-Up Allow List	✓	✓	Enable this policy and specify a list of sites that should allow pop-ups if you have internal Web sites that require pop-up functionality.
Prevent Participation In The Customer Experience Improvement Program	✓	✓	Microsoft uses the Customer Experience Improvement Program (CEIP) to gather information about how users work with Internet Explorer. If you enable this policy, CEIP will not be used. In some organizations, you might need to disable CEIP to meet confidentiality requirements. If you disable this policy, CEIP will always be used. For more information about CEIP, visit http://www.microsoft.com/products/ceip/.

In addition to the settings in Table above, several subnodes contain additional Internet Explorer-related settings. With the policy settings located in Administrative Templates \Windows Components\Internet Explorer\Administrator Approved Controls (within both User Configuration and Computer Configuration), you can enable or disable specific controls throughout your organization.

With the policy settings located in Administrative Templates\Windows Components \Internet Explorer\Application Compatibility (within both User Configuration and Computer Configuration), you can control cut, copy, and paste operations for Internet Explorer. Typically, you do not need to modify these settings.

With the policy settings located in Administrative Templates\Windows Components \Internet Explorer\Browser Menus (within both User Configuration and Computer Configuration), you can disable specific menu items.

With the policy settings located in Administrative Templates\Windows Components \Internet Explorer\Internet Control Panel (within both User Configuration and Computer Configuration), you can disable specific aspects of the Internet Options dialog box, including individual tabs and settings. Change these settings if you want to prevent users from easily modifying important Internet Explorer settings. This will disable the user interface only and will not prevent users from directly changing registry values.

With the policy settings located in Administrative Templates\Windows Components \Internet Explorer\Internet Settings (within both User Configuration and Computer Configuration), you can configure user interface elements, including AutoComplete, image resizing, smooth scrolling, link colors, and more. You need to change these settings only if one of the default settings proves problematic in your environment.

With the policy settings located in Administrative Templates\Windows Components \Internet Explorer\Offline Pages (within both User Configuration and Computer Configuration), you can disable different aspects of offline pages, which allows users to keep a copy of Web pages for use while disconnected from a network. Typically, you do not need to change these settings.

With the policy settings located in Administrative Templates\Windows Components \Internet Explorer\Persistence Behavior (within both User Configuration and Computer Configuration), you can configure maximum amounts for Dynamic HTML (DHTML) Persistence storage on a per-zone basis. Typically, you do not need to change these settings.

With the policy settings located in Administrative Templates\Windows Components \Internet Explorer\Security Features (within both User Configuration and Computer Configuration), you can configure all aspects of Internet Explorer security.

With the policy settings located in Administrative Templates\Windows Components \Internet Explorer\Toolbars (within both User Configuration and Computer Configuration), you can configure toolbar buttons and disable user customization of these buttons. Users will probably be most familiar with the default button configuration. However, you can modify the default settings to better suit your environment.