Securing zone levels in Internet Explorer

Managing and configuring Internet Explorer can be complicated. This is especially true when users meddle with the numerous settings it houses. Users may even unknowingly enable the execution of malicious codes. This highlights the importance of securing Internet Explorer.

In this blog, we’ll talk about restricting users from changing security settings, setting trusted sites, preventing them from changing security zone policies, adding or deleting sites from security zones, and removing the Security tab altogether to ensure that users have a secure environment when using their browser.

Restricting users from changing security settings

A security zone is a list of websites at the same security level. These zones can be thought of as invisible boundaries that prevent certain web-based applications from performing unauthorized actions. These zones easily provide the appropriate level of security for the various types of web content that users are likely to encounter. Usually, sites are added or removed from a zone depending on the functionality available to users on that particular site.

Continue reading “Securing zone levels in Internet Explorer” →

Add Local intranet site via GPO

Add Local intranet via GPO

1. Prepare

– DC : Domain Controller (testdc.com)

– WINClient : Domain Member

 

2. Step by step guide :

Add Local intranet site via GPO

+ DC : Add the Website URL or IP https://testsite.com to Local intranet via GPO

– Server manager > Group Policy Management > Right click “Default Domain policy” : Edit

– User configuration > Policies > Administrative templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Site to Zone assignment list : Enable

Continue reading “Add Local intranet site via GPO” →

Deploying Chrome extension using Group Policy

IT administrators can set Chrome policies to install our Chrome extension on their corporate-managed computers. Chrome extension is installed on computers silently and users cannot uninstall it.

Message is visible only in developer mode

Note: This article provides instructions for Windows users. If you are Mac or Linux user, please follow Google instructions how to setup Chrome policy.

1. There are two types of policy templates available, an ADM and an ADMX template. You’ll want to verify which template type you can use on your network (ADM templates are designed for Windows XP / Server 2003, whereas ADMX templates are for Windows Vista onwards.). These templates show which registry keys you can set to configure Chrome, and what the acceptable values are. Chrome looks at the values set in these registry keys to determine how to act.

2. Download Google Chrome templates and documentation.

Continue reading “Deploying Chrome extension using Group Policy” →

How do I enable Remote Desktop connections to Windows using Group Policy on a Windows Server domain?

A. With the rename of Terminal Services to Remote Desktop Services in Server, you also have new locations for the Group Policy settings to enable Remote Desktop.

1. Open the Group Policy Object (GPO) you’ll use for the remote desktop settings.
2. Navigate to Computer Configuration, Policies, Administrative Templates, Network, Network Connections, Windows Firewall, Domain Profile.
3. Double-click Windows Firewall: Allow inbound Remote Desktop exceptions.
4. Set this to Enabled and add the addresses that can connect. This could be * for all IP addresses, specific subnets, or localsubnet for only the local subnet.
5. Click OK.
6. Navigate to Computer Configuration, Policies, Administrative Templates, Windows Components, Remote Desktop Services, Remote Desktop Session Host, Connections.
7. Double-click Allow users to connect remotely using Remote Desktop Services, set it to Enabled, then click OK.
8. Close the Group Policy object and make sure it’s linked to the required locations.

Below is the report of my GPO that enables Remote Desktop. It will also enable Remote Desktop on Windows XP, Windows Server 2003, and later systems.

Error code 0x8024500C can’t install or update apps from store Windows 10

This issue might be due to corruption in the Windows Store.

Please follow the below methods and check if it helps.

Method 1: Try clearing the Store Cache:

a)      Press the Windows key + R keys.

b)      In the Run window, type WSReset.exe and click “Ok”.

 

Method 2:

Step 1: Run App Troubleshooter.

Note: The troubleshooter automatically fixes some issues that might prevent your apps from running, including suboptimal screen resolution and incorrect security or account settings.

http://windows.microsoft.com/en-us/windows-10/run-the-troubleshooter-for-windows-app

Method 3:

Disable proxy Connection

If you use any proxy connection, then follow the steps to disable proxy connection.

1. Gearbox at the top right corner in      Internet Explorer.
2. Tools button, and then click Internet      Options.
3. Connections tab, and then click LAN      settings.
4. Use a proxy server for your LAN check box.
5. ok.

I would also suggest you to check whether the system time and date is correct

 

Method 4:

Press Windows key + X

Click Command Prompt (Admin)

Type in at the prompt OR Copy and Paste these one at a time : (Hit enter after each)

Dism /Online /Cleanup-Image /CheckHealth

Dism /Online /Cleanup-Image /ScanHealth

Dism /Online /Cleanup-Image /RestoreHealth

 

Method 5:

Check the following group policies.

Computer

System\internet communication settings\Turn off Access to all Windows Update Features  [should be disabled]

Windows components\Windows update\Do not connect to any windows update internet locations [should be disabled]

 

Computer

System\internet communication settings\Turn off access to the store

Windows components\store\Turn off the store Application

 

User

System\internet communication settings\Turn off access to the store

Windows components\store\Turn off the Store application