zoukankan      html  css  js  c++  java
  • Windows Server 2008 R2中关闭“IE增强的安全配置”

    当在Windows Sever 2008 R2中运动IE8的时候会发现默认情况下IE启用了增强的安全配置,为了方便而且是在内网的情况下我们可以关闭IE8的增强安全配置,操作很简单如下步骤。

    一,以本机管理员或是域管理员的身份登陆系统,在“开始”菜单-->“管理工具”-->“服务器管理器”,如下图:(或者点击任务栏上的服务器管理器图标即可)

    Windows <wbr>Server <wbr>2008 <wbr>R2中关闭鈥淚E增强的安全配置鈥
    二,或者在“开始”菜单-->“运行”中输入“servermanager.msc”回车即可,如下图:

    Windows <wbr>Server <wbr>2008 <wbr>R2中关闭鈥淚E增强的安全配置鈥

    三,在打开的服务器管理器窗口中选中“服务器管理器”,然后单右边窗口中的“配置 IE ESC”如下图:

    Windows <wbr>Server <wbr>2008 <wbr>R2中关闭鈥淚E增强的安全配置鈥
    在接下来打开的新窗口中,分别选中“管理员”-->“禁用”,“用户”-->“禁用”。默认情况是开启的,这里全部禁用即可,如下图:

    Windows <wbr>Server <wbr>2008 <wbr>R2中关闭鈥淚E增强的安全配置鈥

    PowerShell 本地化脚本:

    Disable-InternetExplorerESC.ps1
    function Disable-InternetExplorerESC {
        $AdminKey = "HKLM:SOFTWAREMicrosoftActive SetupInstalled Components{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
        $UserKey = "HKLM:SOFTWAREMicrosoftActive SetupInstalled Components{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"
        Set-ItemProperty -Path $AdminKey -Name "IsInstalled" -Value 0
        Set-ItemProperty -Path $UserKey -Name "IsInstalled" -Value 0
        Stop-Process -Name Explorer
        Write-Host "IE Enhanced Security Configuration (ESC) has been disabled." -ForegroundColor Green
    }

    Disable-InternetExplorerESC

    Enable-InternetExplorerESC.ps1
    function Enable-InternetExplorerESC {
        $AdminKey = "HKLM:SOFTWAREMicrosoftActive SetupInstalled Components{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
        $UserKey = "HKLM:SOFTWAREMicrosoftActive SetupInstalled Components{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"
        Set-ItemProperty -Path $AdminKey -Name "IsInstalled" -Value 1
        Set-ItemProperty -Path $UserKey -Name "IsInstalled" -Value 1
        Stop-Process -Name Explorer
        Write-Host "IE Enhanced Security Configuration (ESC) has been enabled." -ForegroundColor Green
    }

    Enable-InternetExplorerESC

    PowerShell 远程脚本:

    Disable-IEESC.PS1
    <#
    
        .Synopsis 
            Disables Internet Explorer Enhanced Security(IE ESC).
            
        .Description
            This script disables IE ESC on list of given Windows 2008 servers
     
        .Parameter ComputerName    
            Computer name(s) for which you want to disable IE ESC.
        
        .Parameter OutputToLogs
            This option allows you to save the failed and successful computer names to text files in
            c: drive. The successful computer will be avialable in c:successcomps.txt file and the 
            failed computers will be in c:failedcomps.txt
        
        .Example
            Disable-IEESC.PS1 -ComputerName Comp1, Comp2
            
            Disables IE ESC on Comp1 and Comp2
        .Example
            Disable-IEESC.PS1 -ComputerName Comp1, Comp2 -OutputToLogs
            
            Disables IE ESC and stores output in logfiles located in c: 
            
        .Example
            Get-Content c:servers.txt | Disable-IEESC.PS1 -OutputToLogs
            
            Disables IE ESC on computers listed in servers.txt and saves success and failed computers list to c:    
           
        .Notes
            NAME:      Disable-IEESC.PS1
            AUTHOR:    Sitaram Pamarthi
            WEBSITE:   http://techibee.com
    
    #>
    
    [cmdletbinding()]
    param(
        [parameter(ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)]
        [string[]]$ComputerName = $env:computername,
        [switch]$OutputToLogs
        
    )
    
    begin {
        $AdministratorsKey = "SOFTWAREMicrosoftActive SetupInstalled Components{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
        $UsersKey = "SOFTWAREMicrosoftActive SetupInstalled Components{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"
        $SuccessComps =@();
        $FailedComps = @();
    }
    
    process {
        foreach($Computer in $ComputerName) {
            if(!(Test-Connection -Computer $Computer -count 1 -ea 0)) {
                Write-Host "$Computer NOT REACHABLE"
                $FailedComps += $Computer
                continue
            }
    
            Write-Host "Working on $Computer"
            try {
                $BaseKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey("LocalMachine",$Computer)
                $SubKey = $BaseKey.OpenSubKey($AdministratorsKey,$true)
                $SubKey.SetValue("IsInstalled",0,[Microsoft.Win32.RegistryValueKind]::DWORD)
                $SubKey = $BaseKey.OpenSubKey($UsersKey,$true)
                $SubKey.SetValue("IsInstalled",0,[Microsoft.Win32.RegistryValueKind]::DWORD)
                Write-Host "Successfully disabled IE ESC on $Computer"
                $SuccessComps += $Computer
            }
            catch {
                Write-Host "Failed to disable IE ESC on $Computer"
                $FailedComps += $Computer
            }
            
        }
    }
    
    end{
        if($OutputToLogs) {
            $SuccessComps | Out-File "c:successcomps.txt"
            $FailedComps | Out-File "c:failedcomps.txt"
        }
    }

    Enable-IEESC.PS1
    <#
    
        .Synopsis 
            Enables Internet Explorer Enhanced Security(IE ESC).
            
        .Description
            This script enables IE ESC on list of given Windows 2008 servers
     
        .Parameter ComputerName    
            Computer name(s) for which you want to enable IE ESC.
        
        .Parameter OutputToLogs
            This option allows you to save the failed and successful computer names to text files in
            c: drive. The successful computer will be avialable in c:successcomps.txt file and the 
            failed computers will be in c:failedcomps.txt
        
        .Example
            Enable-IEESC.PS1 -ComputerName Comp1, Comp2
            
            Enables IE ESC on Comp1 and Comp2
        .Example
            Enable-IEESC.PS1 -ComputerName Comp1, Comp2 -OutputToLogs
            
            Enables IE ESC and stores output in logfiles located in c: 
            
        .Example
            Get-Content c:servers.txt | Enable-IEESC.PS1 -OutputToLogs
            
            Enables IE ESC on computers listed in servers.txt and saves success and failed computers list to c:    
           
        .Notes
            NAME:      Enable-IEESC.PS1
            AUTHOR:    Sitaram Pamarthi
            WEBSITE:   http://techibee.com
    
    #>
    
    [cmdletbinding()]
    param(
        [parameter(ValueFromPipeline=$true,ValueFromPipelineByPropertyName=$true)]
        [string[]]$ComputerName = $env:computername,
        [switch]$OutputToLogs
        
    )
    
    begin {
        $AdministratorsKey = "SOFTWAREMicrosoftActive SetupInstalled Components{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
        $UsersKey = "SOFTWAREMicrosoftActive SetupInstalled Components{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"
        $SuccessComps =@();
        $FailedComps = @();
    }
    
    process {
        foreach($Computer in $ComputerName) {
            if(!(Test-Connection -Computer $Computer -count 1 -ea 0)) {
                Write-Host "$Computer NOT REACHABLE"
                $FailedComps += $Computer
                continue
            }
    
            Write-Host "Working on $Computer"
            try {
                $BaseKey = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey("LocalMachine",$Computer)
                $SubKey = $BaseKey.OpenSubKey($AdministratorsKey,$true)
                $SubKey.SetValue("IsInstalled",1,[Microsoft.Win32.RegistryValueKind]::DWORD)
                $SubKey = $BaseKey.OpenSubKey($UsersKey,$true)
                $SubKey.SetValue("IsInstalled",1,[Microsoft.Win32.RegistryValueKind]::DWORD)
                Write-Host "Successfully enabled IE ESC on $Computer"
                $SuccessComps += $Computer
            }
            catch {
                Write-Host "Failed to enable IE ESC on $Computer"
                $FailedComps += $Computer
            }
            
        }
    }
    
    end{
        if($OutputToLogs) {
            $SuccessComps | Out-File "c:successcomps.txt"
            $FailedComps | Out-File "c:failedcomps.txt"
        }
    }
  • 相关阅读:
    获取本周的周一日期与本周的周日日期
    用字符串连接SQL语句并用EXEC执行时,出现名称 '‘不是有效的标识符
    如何在iis中设置站点的编码格式。
    为应用程序池 'DefaultAppPool' 提供服务的进程意外终止-解决办法
    解决无法更改本地文件夹与 TFS 项目之间映射的问题
    远程过程调用失败0x800706be
    请求失败或服务未及时响应。有关详细信息,请参见事件日志或其他适用的错误日志
    HTML 基础篇
    python操作mysql数据库
    MySql的用法总结-2
  • 原文地址:https://www.cnblogs.com/edward2013/p/3519846.html
Copyright © 2011-2022 走看看