这是我正在做的将互联网区域设置为中等.
1.组策略管理编辑器>用户配置>政策>管理模板> windows组件>网络浏览器>互联网控制面板>安全页面
>我登录到我的xennapp桌面打开IE浏览器,我看到:
>我运行结果向导,我看到:
它看起来像我应该工作,但事实并非如此.有人会介意和我一起帮助我找出我失踪的东西吗?需要注意的是,正在管理的计算机是服务器2008,具有组策略设置的计算机(域控制器)是服务器2003.我知道我们需要从2003切换但这是我们板上的项目明年.
所以我很好奇这个研究它.我没有要测试的2003服务器环境,因此需要“Google Fu”来检查这一点.
原来它是GUI中的“bug”.您应用的策略确实正常工作,它只是在客户端的IE GUI中无法正确显示.愚蠢,是的……但是确实如此.
以下是EE上接受的一个示例,它反映了这一点:
If you see “Some settings are managed by your system administrator”
then it was applied successfully and is on Medium. You can verify
this by clicking custom level and looking at each security option,
they will coincide with what they should be for “Medium”.You can disregard what it says on “Security level for this
zone”…it’s not accurate.For example,if you set it to low,it will still still say
medium/high or high but if you click on custom level you will see
“download unsigned activex controls” is enabled…..which is a option
that is enabled on low and disabled on high. – Jake77444 @ EE
这篇博客也证实了这一点:
IE GPO Zone Templates and the “Open File – Security Warning”
In Conclusion
@H_404_42@Security templates are not visually reflected in the security page of Internet Explorer even though they are applied. Security zone settings are applied to Internet Explorer by doing a gpupdate but a log off/on is required to apply these settings to the
rest of the OSThe “Launching applications and unsafe files” setting determines whether the “Open File – Security Warning” dialog is displayed when
launching applications from a given locationThe “Launching applications and unsafe files” cannot be set with a an indvidual GPO setting. (You could create a custom adm file though) When setting zone security via GPO I recommend making the Internet Explorer security page invisible to users to avoid confusion
as they can still quite happily adjust the security level slider,it
just won’t have any effect!
希望有所帮助!这对我来说是新闻!