-
Disabling IE ESC on a Windows Server 2008 R3 RDSH server
We had a very hard time trying to disable IE ESC on a RDSH server running 2008 R2. All the usual registry fixes people talk about in forums did not work for us. ESC got disabled for admins but not not for users. Eventually I found this setting in the registry which did the trick: [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]“IEHarden”=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}]“IsInstalled”=dword:00000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}]“IsInstalled”=dword:00000000 Note that we are setting the policies on the computer level…NOT on the user level. Other than these three settings, nothing else is needed. Oh Yes! we did have the delete the profiles of users on the RDSH server and also from the roaming profile…
-
GPO for setting IE’s ESC and compatibility mode
Quick links / info only here. Read detailed description / instructions on the pages linked. Setting ESC: As taken from this web page: How To – Q2: How can I deploy the Windows Server 2008 Internet Explorer Enhanced Security option via group policy? A: The administrative template file inetesc.adm can also be used to deploy the Internet Explorer Enhanced Security Configuration settings on Windows Server 2008. To do so, you can Download the adm file from the following link and import it to the GPO. http://www.microsoft.com/downloads/details.aspx?FamilyID=d41b036c-e2e1-4960-99bb-9757f7e9e31b&DisplayLang=en Here are the detailed steps: 1. Create a new GPO or use an existing GPO to configure the Internet Explorer Enhanced Security setting. 2.…