使用脚本更改Internet Explorer安全设置 [英] Change Internet Explorer security settings using a script

问题描述

任何想法如何使用脚本更改Internet Explorer-本地Intranet区域安全设置？



我尝试了一些但没有成功

我设法找到了我想要更改的这些设置和密钥代码：

Any idea how can I Change Internet Explorer- Local Intranet zone security settings using a script?

I tried few things but no success
I manage to found these settings and key codes which I am looking to change:

Local Intranet Zone->  1        
--
Enable: 2201  ActiveX controls and plug-ins: Automatic prompting for ActiveX controls
Enable: 1201  ActiveX controls and plug-ins: Initialize and script ActiveX controls not marked as safe for scripting
--
Disable: 2102     Miscellaneous: Allow script initiated windows without size or position constraints
Enable:  1406     Miscellaneous: Access data sources across domains
Disable: 1809     Miscellaneous: Use Pop-up Blocker
Disable: 2301     Miscellaneous: Use SmartScreen Filter
--
Enable:  1407     Scripting: Allow Programmatic clipboard access
--
0x00000000 Automatically logon with current username and password

来源： HT tp：//support.microsoft.com/kb/182569/en-us [ ^ ]





任何帮助将不胜感激。谢谢。

Source: http://support.microsoft.com/kb/182569/en-us[^]


Any help would be appreciated. Thanks.

推荐答案

请看我对这个问题的评论。但是，帖子末尾的链接表明您可能意味着系统注册表脚本。你能行的;为了安全起见，这将需要特权提升，这是很自然的。



执行以下操作：运行Regedit（确认安全性提升），找到有问题的注册表项。做你需要为IE做的修改。更好的是，在IE中进行更改，看看它们有什么不同。您可以保留部分注册表并在以后恢复;请参阅下文。



现在，在Regedit中，选择已更改数据的父节点，然后使用 F ile - > 电子 XPORT 的。您将获得一些.reg文件。

下次，当您或您的用户需要相同的更改时，请单击此文件（同样，将需要提升权限）。它将执行注册表脚本，将注册表修改为此文件中记录的数据。同样，您可以通过shell以任何其他方式执行此文件：以编程方式启动进程，使用批处理文件，其他一些脚本系统，等等。



就是这样。



但是，要结束这个问题，我想注意：为什么要关注任何特定于IE的用户？用户应该根据自己的选择使用任何Web浏览器。并且自己关心安全性。基本上，我同意Wes Aday对问题的评论。



此外，我建议你永远不要允许ActiveX控件;它们通常太不安全。但是，公司会这样做，但仅限于内部网并受内部公司脚本的限制。不管怎么说，这不是最好的做法。

-SA

Please see my comment to the question. But your link at the end of the post suggests that you may mean the system registry "script". You can do it; and it will require privilege elevation, which is natural, for safety.

Do the following: run Regedit (confirm security elevation), locate the registry key in question. Do the modifications you need to do for IE. Better yet, do the changes in IE, and see what difference they make. You can preserve part of the Register and restore it later; see below.

Now, in Regedit, select the parent node of the changed data, and export in in a file using File —> Export. You will obtain some .reg file.
Next time, when you or your user needs the same changes, click on this file (again, elevation of the privileges will be required). It will "execute the registry scrip), modifying the registry to the data recorded in this file. Likewise, you can execute this file through a shell in any other way: programmatically starting a process, using a batch file, some other scripting system, and the like.

That's all.

But, to close the issue, I would like to note: why taking care about anything IE-specific? The users should use any Web browsers by their choice. And care about security by themselves. Basically, I agree with the comment to the question by Wes Aday.

Besides, I suggest you never allow ActiveX controls; they are too unsafe in general. However, corporations do it, but only for intranet and limited by internal corporate scripts. Not the best practice, anyway.

—SA

这篇关于使用脚本更改Internet Explorer安全设置的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！