|
Server : Apache/2.4.43 (Win64) OpenSSL/1.1.1g PHP/7.4.6 System : Windows NT USER-PC 6.1 build 7601 (Windows 7 Professional Edition Service Pack 1) AMD64 User : User ( 0) PHP Version : 7.4.6 Disable Function : NONE Directory : C:/Windows/PolicyDefinitions/en-US/ |
<?xml version="1.0" encoding="utf-8"?>
<!-- (c) 2006 Microsoft Corporation -->
<policyDefinitionResources xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" revision="11.0" schemaVersion="1.0" xmlns="http://schemas.microsoft.com/GroupPolicy/2006/07/PolicyDefinitions">
<displayName>enter display name here</displayName>
<description>enter description here</description>
<resources>
<stringTable>
<string id="InternetCPL_Advanced_Accessibility">Accessibility</string>
<string id="InternetCPL_Advanced_International">International</string>
<string id="InternetCPL_Advanced_Security">Security</string>
<string id="InternetCPL_Connections">Connections Page</string>
<string id="InternetCPL_Content">Content Page</string>
<string id="InternetCPL_Content_Certificates">Certificates</string>
<string id="InternetCPL_General_Appearance">Appearance</string>
<string id="InternetCPL_General_Search">Search</string>
<string id="InternetCPL_General_Tabs">Tabs</string>
<string id="InternetCPL_Privacy">Privacy Page</string>
<string id="InternetCPL_Programs">Programs Page</string>
<string id="AddonManagement_AddOnList">Add-on List</string>
<string id="AddonManagement_ManagementMode">Deny all add-ons unless specifically allowed in the Add-on List</string>
<string id="AddonManagement_RestrictCrashDetection">Turn off Crash Detection</string>
<string id="AddonManagement_RestrictExtensionManagement">Do not allow users to enable or disable add-ons</string>
<string id="AddSearchProvider">Add a specific list of search providers to the user's list of search providers</string>
<string id="AdminApproved">Administrator Approved Controls</string>
<string id="Advanced">Advanced settings</string>
<string id="Advanced_CDUnlock">Allow active content from CDs to run on user machines</string>
<string id="Advanced_CertificateRevocation">Check for server certificate revocation</string>
<string id="Advanced_DisableClearType">Turn off ClearType</string>
<string id="Advanced_DisableRIED">Do not allow resetting Internet Explorer settings</string>
<string id="Advanced_DownloadSignatures">Check for signatures on downloaded programs</string>
<string id="Advanced_EnableBrowserExtensions">Allow third-party browser extensions</string>
<string id="Advanced_ExplainCDUnlock">This policy setting allows you to manage whether users receive a dialog requesting permission for active content on a CD to run.
If you enable this policy setting, active content on a CD will run without a prompt.
If you disable this policy setting, active content on a CD will always prompt before running.
If you do not configure this policy, users can choose whether to be prompted before running active content on a CD.</string>
<string id="Advanced_ExplainCertificateRevocation">This policy setting allows you to manage whether Internet Explorer will check revocation status of servers' certificates. Certificates are revoked when they have been compromised or are no longer valid, and this option protects users from submitting confidential data to a site that may be fraudulent or not secure.
If you enable this policy setting, Internet Explorer will check to see if server certificates have been revoked.
If you disable this policy setting, Internet Explorer will not check server certificates to see if they have been revoked.
If you do not configure this policy setting, Internet Explorer will not check server certificates to see if they have been revoked.</string>
<string id="Advanced_ExplainDisableRIED">This policy setting prevents the user from using the Reset Internet Explorer Settings feature. Reset Internet Explorer Settings allows the user to reset all settings changed since installation, delete browsing history, and disable add-ons that are not preapproved.
If you enable this policy setting, the user cannot use Reset Internet Explorer Settings.
If you disable or do not configure this policy setting, the user can use Reset Internet Explorer Settings.</string>
<string id="Advanced_ExplainDownloadSignatures">This policy setting allows you to manage whether Internet Explorer checks for digital signatures (which identifies the publisher of signed software and verifies it hasn't been modified or tampered with) on user computers before downloading executable programs.
If you enable this policy setting, Internet Explorer will check the digital signatures of executable programs and display their identities before downloading them to user computers.
If you disable this policy setting, Internet Explorer will not check the digital signatures of executable programs or display their identities before downloading them to user computers.
If you do not configure this policy, Internet Explorer will not check the digital signatures of executable programs or display their identities before downloading them to user computers.</string>
<string id="Advanced_ExplainEnableBrowserExtensions">This policy setting allows you to manage whether Internet Explorer will launch COM add-ons known as browser helper objects, such as toolbars. Browser helper objects may contain flaws such as buffer overruns which impact Internet Explorer's performance or stability.
If you enable this policy setting, Internet Explorer automatically launches any browser helper objects that are installed on the user's computer.
If you disable this policy setting, browser helper objects do not launch.
If you do not configure this policy, Internet Explorer automatically launches any browser helper objects that are installed on the user's computer.</string>
<string id="Advanced_ExplainInstallOnDemand_IE">This policy setting allows you to manage whether users can automatically download and install Web components (such as fonts) that can installed by Internet Explorer Active Setup. For example, if you open a Web page that requires Japanese-text display support, Internet Explorer could prompt the user to download the Japanese Language Pack component if it is not already installed.
If you enable this policy setting, Web components such as fonts will be automatically installed as necessary.
If you disable this policy setting, users will be prompted when Web Components such as fonts would be downloaded.
If you do not configure this policy, users will be prompted when Web Components such as fonts would be downloaded.</string>
<string id="Advanced_ExplainInstallOnDemand_Other">This policy setting allows you to manage whether users can download and install self-installing program files (non-Internet Explorer components) that are registered with Internet Explorer (such as Macromedia and Java) that are required in order to view web pages as intended.
If you enable this policy setting, non-Internet Explorer components will be automatically installed as necessary.
If you disable this policy setting, users will be prompted when non-Internet Explorer components would be installed.
If you do not configure this policy setting, non-Internet Explorer components will be automatically installed as necessary.</string>
<string id="Advanced_ExplainInternetExplorerUpdates">This policy setting allows you to manage whether Internet Explorer checks the Internet for newer versions. When Internet Explorer is set to do this, the checks occur approximately every 30 days, and users are prompted to install new versions as they become available.
If you enable this policy setting, Internet Explorer checks the Internet for a new version approximately every 30 days and prompts the user to download new versions when they are available.
If you disable this policy setting, Internet Explorer does not check the Internet for new versions of the browser, so does not prompt users to install them.
If you do not configure this policy setting, Internet Explorer does not check the Internet for new versions of the browser, so does not prompt users to install them.</string>
<string id="Advanced_ExplainInvalidSignatureBlock">This policy setting allows you to manage whether software, such as ActiveX controls and file downloads, can be installed or run by the user even though the signature is invalid. An invalid signature might indicate that someone has tampered with the file.
If you enable this policy setting, users will be prompted to install or run files with an invalid signature.
If you disable this policy setting, users cannot run or install files with an invalid signature.
If you do not configure this policy, users can choose to run or install files with an invalid signature.</string>
<string id="Advanced_ExplainPlayAnimations">This policy setting allows you to manage whether Internet Explorer will display animated pictures found in Web content. Generally only animated GIF files are affected by this setting; active Web content such as java applets are not.
If you enable this policy setting, Internet Explorer will play animated pictures found in Web content.
If you disable this policy setting, Internet Explorer will not play or download animated pictures, helping pages display more quickly.
If you do not configure this policy setting, Internet Explorer will play animated pictures found in Web content.</string>
<string id="Advanced_ExplainPlaySounds">This policy setting allows you to manage whether Internet Explorer will play sounds found in web content. Generally only sound files such as MIDI files are affected by this setting; active Web content such as java applets are not.
If you enable this policy setting, Internet Explorer will play sounds found in Web content.
If you disable this policy setting, Internet Explorer will not play or download sounds in Web content, helping pages display more quickly.
If you enable this policy setting, Internet Explorer will play sounds found in Web content.</string>
<string id="Advanced_ExplainPlayVideos">This policy setting allows you to manage whether Internet Explorer will display videos found in Web content. Generally only embedded video files are affected by this setting; active Web content such as java applets are not.
If you enable this policy setting, Internet Explorer will play videos found in Web content.
If you disable this policy setting, Internet Explorer will not play or download videos, helping pages display more quickly.
If you do not configure this policy setting, Internet Explorer will play videos found in Web content.</string>
<string id="Advanced_ExplainProfileAssistant">This policy setting specifies whether you will accept requests from Web sites for Profile Assistant information.
If you enable this policy setting, Profile Assistant information will not be provided, and users will not be prompted to provide information.
If you disable this policy setting, then when a Web site requests Profile Assistant information, users will be prompted to choose which information to share. At that time, users can also choose to allow this information to be shared with the Web site in the future without being prompted.
If you do not configure this policy setting, a user will have the freedom to accept requests from Web sites for Profile Assistant information.</string>
<string id="Advanced_ExplainSaveEncryptedPages">This policy setting allows you to manage whether Internet Explorer will save encrypted pages that contain secure (HTTPS) information such as passwords and credit card numbers to the Internet Explorer cache, which may be insecure.
If you enable this policy setting, Internet Explorer will not save encrypted pages containing secure (HTTPS) information to the cache.
If you disable this policy setting, Internet Explorer will save encrypted pages containing secure (HTTPS) information to the cache.
If you do not configure this policy, Internet Explorer will save encrypted pages containing secure (HTTPS) information to the cache.</string>
<string id="Advanced_ExplainTemporaryInternetFiles">This policy setting allows you to manage whether Internet Explorer deletes the contents of the Temporary Internet Files folder after all browser windows are closed. This protects against storing dangerous files on the computer, or storing sensitive files that other users could see, in addition to managing total disk space usage.
If you enable this policy setting, Internet Explorer will delete the contents of the user's Temporary Internet Files folder when all browser windows are closed.
If you disable this policy setting, Internet Explorer will not delete the contents of the user's Temporary Internet Files folder when browser windows are closed.
If you do not configure this policy, Internet Explorer will not delete the contents of the Temporary Internet Files folder when browser windows are closed.</string>
<string id="Advanced_InstallOnDemand_IE">Allow Install On Demand (Internet Explorer)</string>
<string id="Advanced_InstallOnDemand_Other">Allow Install On Demand (except Internet Explorer)</string>
<string id="Advanced_InternetExplorerUpdates">Automatically check for Internet Explorer updates</string>
<string id="Advanced_InvalidSignatureBlock">Allow software to run or install even if the signature is invalid</string>
<string id="Advanced_PlayAnimations">Play animations in web pages</string>
<string id="Advanced_PlaySounds">Play sounds in web pages</string>
<string id="Advanced_PlayVideos">Play videos in web pages</string>
<string id="Advanced_ProfileAssistant">Turn off Profile Assistant</string>
<string id="Advanced_SaveEncryptedPages">Do not save encrypted pages to disk</string>
<string id="Advanced_TemporaryInternetFiles">Empty Temporary Internet Files folder when browser is closed</string>
<string id="AdvancedPage">Advanced Page</string>
<string id="AllowServicePoweredQSA">Allow Microsoft services to provide enhanced suggestions as the user types in the Address bar</string>
<string id="AllowServicePoweredQSA_Explain">This policy setting allows Internet Explorer to provide enhanced suggestions as the user types in the Address bar. To provide enhanced suggestions, the user's keystrokes are sent to Microsoft through Microsoft services.
If you enable this policy setting, users receive enhanced suggestions while typing in the Address bar. In addition, users won't be able to change the Suggestions setting on the Settings charm.
If you disable this policy setting, users won't receive enhanced suggestions while typing in the Address bar. In addition, users won't be able to change the Suggestions setting on the Settings charm.
If you don't configure this policy setting, users can change the Suggestions setting on the Settings charm.</string>
<string id="Always">Always</string>
<string id="AlwaysShowMenu">Turn on menu bar by default</string>
<string id="AnchorColorHover_Explain">This policy setting prevents the user from specifying the color to which hyperlinks change when the mouse pointer pauses on them.
If you enable this policy setting, the user cannot specify the hover color. You must specify the hover color (for example: 192,192,192).
If you disable or do not configure this policy setting, the user can specify the hover color.</string>
<string id="AnchorColorHoverPol">Prevent specifying the hover color</string>
<string id="Audio_Video_Player">Audio/Video Player</string>
<string id="AutoComplete">Turn on inline AutoComplete</string>
<string id="AutoComplete_Explain">This policy setting allows you to turn on inline AutoComplete in Internet Explorer and File Explorer. The AutoComplete feature provides suggestions for what the user types by automatically completing the address or command with the closest match.
If you enable this policy setting, inline AutoComplete is turned on. The user cannot turn it off.
If you disable this policy setting, inline AutoComplete is turned off. The user cannot turn it on.
If you do not configure this policy setting, the user can turn on or turn off inline AutoComplete.
By default, inline AutoComplete is turned off for Windows Vista, Windows 7, Internet Explorer 7, and Internet Explorer 8. By default, inline AutoComplete is turned on for Internet Explorer 9.</string>
<string id="AutoCompleteCat">AutoComplete</string>
<string id="AutoCompleteIntegrated">Turn off inline AutoComplete in File Explorer</string>
<string id="AutoCompleteIntegrated_Explain">This policy setting let you turn off Inline AutoComplete in File Explorer. Inline AutoComplete provides suggestions for what you type by automatically completing the command inline with the closest match. By default, this functionality is turned on in File Explorer.
If you enable this policy setting, Inline AutoComplete for File Explorer is turned off. The user cannot turn it on.
If you disable this policy setting, Inline AutoComplete for File Explorer is turned on. The user cannot turn it off.
If you do not configure this policy setting, a user will have the freedom to turn on or off Inline AutoComplete for File Explorer.</string>
<string id="AutomaticPhishing">Automatic</string>
<string id="AutoProxyCache">Disable caching of Auto-Proxy scripts</string>
<string id="AutoSearch0">Do not search from the address bar</string>
<string id="AutoSearch1">Display the results in the main window</string>
<string id="UseIntranetSiteForOneWordEntry">Go to an intranet site for a one-word entry in the Address bar</string>
<string id="UseIntranetSiteForOneWordEntry_Explain">This policy allows the user to go directly to an intranet site for a one-word entry in the Address bar.
If you enable this policy setting, Internet Explorer goes directly to an intranet site for a one-word entry in the Address bar, if it is available.
If you disable or do not configure this policy setting, Internet Explorer does not go directly to an intranet site for a one-word entry in the Address bar.</string>
<string id="Background">Background</string>
<string id="BackgroundColor_Explain">This policy setting prevents the user from specifying the background color in Internet Explorer.
If you enable this policy setting, the user cannot specify the background color in Internet Explorer. You must specify the background color (for example: 192,192,192).
If you disable or do not configure this policy setting, the user can specify the background color in Internet Explorer.</string>
<string id="BackgroundColorPol">Prevent specifying background color</string>
<string id="BackgroundColors">Turn on printing of background colors and images</string>
<string id="Branding_NoExternalBranding">Disable external branding of Internet Explorer</string>
<string id="Browsing">Browsing</string>
<string id="Carpoint">Carpoint</string>
<string id="CategoryAppCompat">Application Compatibility</string>
<string id="Channels">Offline Pages</string>
<string id="CodeDownload">Code Download</string>
<string id="CodeDownloadPol">Prevent specifying the code download path for each computer</string>
<string id="CodeDownloadPol_Explain">This policy setting prevents the user from specifying the code download path for each computer. The Internet Component Download service exposes a function that is called by an application to download, verify, and install code for an Object Linking and Embedding (OLE) component.
If you enable this policy setting, the user cannot specify the download path for the code. You must specify the download path.
If you disable or do not configure this policy setting, the user can specify the download path for the code.</string>
<string id="ComponentUpdates">Component Updates</string>
<string id="ControlPanel_RestrictAdvanced">Disable changing Advanced page settings</string>
<string id="ControlPanel_RestrictAdvancedTab">Disable the Advanced page</string>
<string id="ControlPanel_RestrictConnectionsTab">Disable the Connections page</string>
<string id="ControlPanel_RestrictContentTab">Disable the Content page</string>
<string id="ControlPanel_RestrictGeneralTab">Disable the General page</string>
<string id="ControlPanel_RestrictPrivacyTab">Disable the Privacy page</string>
<string id="ControlPanel_RestrictProgramsTab">Disable the Programs page</string>
<string id="ControlPanel_RestrictSecurityTab">Disable the Security page</string>
<string id="ControlPanel_SendIDNNames">Send internationalized domain names</string>
<string id="ControlPanel_UTF8URLQuery">Turn off sending UTF-8 query strings for URLs</string>
<string id="ControlPanel_SendUTF8Query">Use UTF-8 for mailto links</string>
<string id="CorporateSettings">Corporate Settings</string>
<string id="Customized_UserAgent_String">Customize user agent string</string>
<string id="DHTMLEdit">DHTML Edit Control</string>
<string id="DialupSettings">Use Automatic Detection for dial-up connections</string>
<string id="Disable_Background_Syncing">Turn off background synchronization for feeds and Web Slices</string>
<string id="Disable_Downloading_of_Enclosures">Prevent downloading of enclosures</string>
<string id="Disable_Feed_Add_Remove">Prevent subscribing to or deleting a feed or a Web Slice</string>
<string id="Disable_Feed_Discovery">Prevent automatic discovery of feeds and Web Slices</string>
<string id="Disable_Feed_List">Prevent access to feed list</string>
<string id="Allow_Basic_Feed_Auth_In_Clear">Turn on Basic feed authentication over HTTP</string>
<string id="Disable_Fix_Security_Settings">Prevent "Fix settings" functionality</string>
<string id="Disable_Managing_Phishing_Filter">Prevent managing the phishing filter</string>
<string id="Disable_Managing_Safety_Filter_IE8">Turn off Managing SmartScreen Filter for Internet Explorer 8</string>
<string id="Disable_Managing_Safety_Filter_IE9">Prevent managing SmartScreen Filter</string>
<string id="Disable_Security_Settings_Check">Turn off the Security Settings Check feature</string>
<string id="DisableDebugger">Turn on script debugging</string>
<string id="DisableDebugger_Explain">This policy setting allows you to turn on your script debugger, if one is installed. Website developers use script debuggers to test programs and scripts on their webpages. You can use the script debugger to browse, edit, and debug .htm and .asp files that contain Microsoft Visual Basic Scripting Edition (VBScript) or Microsoft JScript.
If you enable this policy setting, script debugging is turned on. The user cannot turn off script debugging.
If you disable this policy setting, script debugging is turned off. The user cannot turn on script debugging.
If you do not configure this policy setting, the user can turn on or turn off script debugging.</string>
<string id="DisableInterchangingMenuBarNavBar">Position the menu bar above the navigation bar</string>
<string id="DisablePopupFilterLevel">Prevent changing pop-up filter level</string>
<string id="DisableToolbarUpgrader">Turn off toolbar upgrade tool</string>
<string id="DisplayScriptFailureUI">Display error message on proxy script download failure</string>
<string id="DisplaySettings">Display settings</string>
<string id="Enable_Compat_Logging">Turn on compatibility logging</string>
<string id="InternetCPL">Internet Control Panel</string>
<string id="Encoding">URL Encoding</string>
<string id="EnforceFullscreen">Enforce full-screen mode</string>
<string id="Existing">Open in existing Internet Explorer window</string>
<string id="Explain_Advanced_DisableClearType">This policy setting prevents the text on the screen from being rendered through the ClearType technology that enhances the readability of text on LCD displays.
If you enable this policy setting, applications that host MSHTML do not render text by using the Microsoft ClearType rendering engine.
If you disable or do not configure this policy setting, applications that host MSHTML render text by using the Microsoft ClearType rendering engine.</string>
<string id="ExplainHelp_NoTutorial">Prevents users from running the Internet Explorer Tour from the Help menu in Internet Explorer.
If you enable this policy, the Tour command is removed from the Help menu.
If you disable this policy or do not configure it, users can run the tour from the Help menu.</string>
<string id="ExplainPopupBlocker_AllowList">This policy setting allows you to specify a list of web sites that will be allowed to open pop-up windows regardless of the Internet Explorer process's Pop-Up Blocker settings.
If you enable this policy setting, you can enter a list of sites which will be allowed to open pop-up windows regardless of user settings. Only the domain name is allowed, so www.contoso.com is valid, but not http://www.contoso.com. Wildcards are allowed, so *.contoso.com is also valid.
If you disable this or do not configure this policy setting, you will not be able to provide a default Pop-up Blocker exception list.
Note: You can disable users from adding or removing websites to the exception list by enabling "Turn off Managing Pop-up Allow list" policy.</string>
<string id="ExplainScriptPaste_AllProcs_Explain">This policy setting allows you to bypass prompting when a script that is running in any process on the computer attempts to perform a Clipboard operation (delete, copy, or paste).
If you enable this policy setting, the user is not prompted when a script that is running in any process on the computer performs a Clipboard operation. This means that if the zone behavior is currently set to prompt, it will be bypassed and enabled.
If you disable this policy setting, the user is prompted when a script that is running in any process on the computer attempts to perform a Clipboard operation.
If you do not configure this policy setting, current values of the URL action for the application or process on the computer prevail.</string>
<string id="ExplainScriptPaste_IE_Explain">This policy setting allows you to bypass prompting when a script that is running in the Internet Explorer process attempts to perform a Clipboard operation (delete, copy, or paste) and the URL action for the zone is set to prompt.
If you enable this policy setting, the user is not prompted when a script that is running in the Internet Explorer process performs a Clipboard operation. In the Internet Explorer process, if the zone behavior is currently set to prompt, it will be bypassed and enabled.
If you disable this policy setting, the user is prompted when a script that is running in the Internet Explorer process attempts to perform a Clipboard operation.
If you do not configure this policy setting, current values of the URL action for the Internet Explorer process prevail.</string>
<string id="ExplainScriptPaste_ProcList_Explain">This policy setting allows you to define applications and processes that can access the Clipboard without prompting the user.
Note: Do not enter the Internet Explorer processes in this list. To enable or disable Internet Explorer processes, use the "Bypass prompting for Clipboard access for scripts running in the Internet Explorer process" policy. If the "Bypass prompting for Clipboard access for scripts running in any process" policy setting is enabled, the processes configured in this policy setting take precedence over that policy setting.
If you enable this policy setting and enter a value of 1, prompts are bypassed. If you enter a value of 0, prompts are not bypassed. Value Name is the name of the executable file. If Value Name is empty or the value is not 0 or 1, the policy setting is ignored.
If you enable this policy setting for an application or process in the list, a script can perform a Clipboard operation without prompting the user. This means that if the zone behavior is currently set to prompt, it will be bypassed and enabled.
If you disable this policy setting for an application or process in the list, a script that is running in the application or process cannot bypass the prompt for delete, copy, or paste operations from the Clipboard.
If you do not configure this policy setting, current values of the URL action for an application or process in the list prevail.</string>
<string id="FavImportExport">Disable Import/Export Settings wizard</string>
<string id="GeolocationDisable">Turn off browser geolocation</string>
<string id="DisableFlashInIE">Turn off Adobe Flash in Internet Explorer and prevent applications from using Internet Explorer technology to instantiate Flash objects</string>
<string id="File_NoBrowserClose">File menu: Disable closing the browser and Explorer windows</string>
<string id="File_NoBrowserSaveAs">File menu: Disable Save As... menu option</string>
<string id="File_NoBrowserSaveWebComplete">File menu: Disable Save As Web Page Complete</string>
<string id="File_NoFileNew">File menu: Disable New menu option</string>
<string id="File_NoFileOpen">File menu: Disable Open menu option</string>
<string id="Flash">Shockwave Flash</string>
<string id="Font0">Smallest</string>
<string id="Font1">Smaller</string>
<string id="Font2">Medium</string>
<string id="Font3">Larger</string>
<string id="Font4">Largest</string>
<string id="FontSize">Prevent choosing default text size</string>
<string id="FontSizeDefault_Explain">This policy setting prevents the user from choosing the default text size in Internet Explorer.
If you enable this policy setting, the user cannot choose the default text size in Internet Explorer. You must specify the default text size:
• Largest
• Larger
• Medium
• Smaller
• Smallest
If you disable or do not configure this policy setting, the user can choose the default text size in Internet Explorer.</string>
<string id="ForceNewTab">Force pop-ups to open in a new tab</string>
<string id="ForceNewWindow">Force pop-ups to open in a new window</string>
<string id="Foreground">Foreground</string>
<string id="FriendlyErrorText">Turn off details in messages about Internet connection problems</string>
<string id="FriendlyErrorText_Explain">This policy setting specifies whether, when there is a problem connecting with an Internet server, to provide a detailed description with hints about how to correct the problem. If you clear this check box, the user sees only the error code and the name of the error.
If you enable this policy setting, when there is a problem connecting with an Internet server, the user does not see a detailed description or hints about how to correct the problem. The user cannot change this policy setting.
If you disable this policy setting, when there is a problem connecting with an Internet server, the user sees a detailed description with hints about how to correct the problem. The user cannot change this policy setting.
If you do not configure this policy setting, the user can turn on or turn off details in these error messages.</string>
<string id="General_Zooming">Turn off page-zooming functionality</string>
<string id="GeneralColors">General Colors</string>
<string id="Help_NoFeedback">Help menu: Remove 'Send Feedback' menu option</string>
<string id="Help_NoNetscapeHelp">Help menu: Remove 'For Netscape Users' menu option</string>
<string id="Help_NoTip">Help menu: Remove 'Tip of the Day' menu option</string>
<string id="Help_NoTutorial">Help menu: Remove 'Tour' menu option</string>
<string id="HelpAbout128">Help Menu > About Internet Explorer</string>
<string id="HelpAbout128Pol">Prevent specifying cipher strength update information URLs</string>
<string id="HelpAbout128Pol_Explain">This policy setting prevents the user from specifying a URL that contains update information about cipher strength. When the user logs on to a secure page, the page cannot grant access unless the Internet browser connects with a prespecified encryption. To ensure that the browser meets this requirement, this policy setting allows you to specify the URL to update the browser security setting.
If you enable this policy setting, the user cannot specify the cipher strength update information URL. You must specify the cipher strength update information URL.
If you disable or do not configure this policy setting, the user can specify the cipher strength update information URL.</string>
<string id="Hover">Hover</string>
<string id="ICWComplete">Start the Internet Connection Wizard automatically</string>
<string id="ICWComplete_Explain">This policy setting determines whether the Internet Connection Wizard was completed. If the Internet Connection Wizard was not completed, this policy setting starts the wizard automatically.
If you enable this policy setting, the Internet Connection Wizard starts automatically if it was not completed before. The user cannot prevent the wizard from starting.
If you disable this policy setting, the Internet Connection Wizard does not start automatically. The user can start the wizard manually.
If you do not configure this policy setting, the user can decide whether the Internet Connection Wizard should start automatically.</string>
<string id="ICWSettings">Internet Connection Wizard Settings</string>
<string id="Identities">Identity Manager: Prevent users from using Identities</string>
<string id="IDN_Always">Always convert to IDN format</string>
<string id="IDN_Intranet">Convert Intranet addresses to IDN format</string>
<string id="IDN_Never">Never convert to IDN format</string>
<string id="IDN_NonIntranet">Convert non-Intranet addresses to IDN format</string>
<string id="IE_Explain_Customized_UserAgent_String">This policy setting allows you to customize the Internet Explorer version string as reported to web servers in the HTTP User Agent header.
If you enable this policy setting, Internet Explorer sends the specified custom string in the version portion of the User Agent header.
If you disable or do not configure this policy setting, Internet Explorer sends the current Internet Explorer version in the User Agent header (for example, "MSIE 7.0").</string>
<string id="IE_Explain_DisableBackgroundSyncing">This policy setting controls whether to have background synchronization for feeds and Web Slices.
If you enable this policy setting, the ability to synchronize feeds and Web Slices in the background is turned off.
If you disable or do not configure this policy setting, the user can synchronize feeds and Web Slices in the background.</string>
<string id="IE_Explain_DisableDownloadingofEnclosures">This policy setting prevents the user from having enclosures (file attachments) downloaded from a feed to the user's computer.
If you enable this policy setting, the user cannot set the Feed Sync Engine to download an enclosure through the Feed property page. A developer cannot change the download setting through the Feed APIs.
If you disable or do not configure this policy setting, the user can set the Feed Sync Engine to download an enclosure through the Feed property page. A developer can change the download setting through the Feed APIs.</string>
<string id="IE_Explain_DisableFeedAddRemove">This policy setting prevents the user from subscribing to or deleting a feed or a Web Slice.
If you enable this policy setting, the menu command to subscribe to a feed and the menu command to delete a feed are disabled, and access to Web Slices is turned off. A developer cannot add a feed or Web Slice or delete a feed or Web Slice by using the Feed APIs. A developer also cannot create or delete folders.
If you disable or do not configure this policy setting, the user can subscribe to a feed or Web Slice through the Subscribe button in Internet Explorer and delete a feed or Web Slice through the feed list control. A developer can add or delete a feed or Web Slice by using the Feed APIs.</string>
<string id="IE_Explain_DisableFeedDiscovery">This policy setting prevents users from having Internet Explorer automatically discover whether a feed or Web Slice is available for an associated webpage.
If you enable this policy setting, the user does not receive a notification on the toolbar that a feed or Web Slice is available.
If you disable or do not configure this policy setting, the user receives a notification when a feed or Web Slice is available and can click the feed discovery button.</string>
<string id="IE_Explain_DisableFeedPane">This policy setting prevents the user from using Internet Explorer as a feed reader. This policy setting has no impact on the Windows RSS Platform.
If you enable this policy setting, the user cannot access the feed list in the Favorites Center.
If you disable or do not configure this policy setting, the user can access the feed list in the Favorites Center.</string>
<string id="IE_Explain_AllowBasicAuthInClear">This policy setting allows users to have their feeds authenticated through the Basic authentication scheme over an unencrypted HTTP connection.
If you enable this policy setting, the Windows RSS Platform authenticates feeds to servers by using the Basic authentication scheme in combination with a less secure HTTP connection.
If you disable or do not configure this policy setting, the Windows RSS Platform does not authenticate feeds to servers by using the Basic authentication scheme in combination with a less secure HTTP connection.
A developer cannot change this policy setting through the Feed APIs.</string>
<string id="IE_Explain_DisableFixSecuritySettings">This policy setting prevents the user from using the "Fix settings" functionality related to Security Settings Check.
If you enable this policy setting, the user cannot use the "Fix settings" functionality.
If you disable or do not configure this policy setting, the user can use the "Fix settings" functionality.
Note: When this policy setting is enabled, the "Fix settings" command on the Notification bar shortcut menu should be disabled.</string>
<string id="IE_Explain_DisableInterchangingMenuBarNavBar">This policy setting positions the menu bar above the navigation bar. The navigation bar contains icons for a variety of features, including browsing web pages, searching the web by using a selection of search tools, accessing and managing favorites, viewing a history of visited pages, printing, and accessing email and newsgroups. The menu bar contains menus that open lists of commands. The commands include options for printing, customizing Internet Explorer, copying and pasting text, managing favorites, and accessing Help.
If you enable this policy setting, the menu bar is above the navigation bar. The user cannot interchange the positions of the menu bar and the navigation bar.
If you disable this policy setting, the menu bar is below the navigation bar. The user cannot interchange the positions of the menu bar and the navigation bar.
If you do not configure this policy setting, the user can interchange the positions of the menu bar and the navigation bar.</string>
<string id="IE_Explain_DisableManagingPhishingFilter">This policy setting prevents the user from managing a filter that warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing."
If you enable this policy setting, the user is not prompted to enable the phishing filter. You must specify which mode the phishing filter uses: manual, automatic, or off.
If you select manual mode, the phishing filter performs only local analysis, and the user is prompted to permit any data to be sent to Microsoft. If the feature is fully enabled, all website addresses that are not on the filter's allow list are sent automatically to Microsoft without prompting the user.
If you disable or do not configure this policy setting, the user is prompted to decide the mode of operation for the phishing filter.</string>
<string id="IE_Explain_DisableManagingSafetyFilter">This policy setting allows the user to enable the SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware.
If you enable this policy setting, the user is not prompted to turn on SmartScreen Filter. You must specify which mode the SmartScreen Filter uses: on, or off.All website addresses that are not on the filter's allow list are sent automatically to Microsoft without prompting the user.
If you disable or do not configure this policy setting, the user is prompted to decide whether to turn on the SmartScreen Filter during the first-run experience.</string>
<string id="IE_Explain_DisableManagingSafetyFilter_IE9">This policy setting prevents the user from managing SmartScreen Filter, which warns the user if the website being visited is known for fraudulent attempts to gather personal information through "phishing," or is known to host malware.
If you enable this policy setting, the user is not prompted to turn on SmartScreen Filter. All website addresses that are not on the filter's allow list are sent automatically to Microsoft without prompting the user.
If you disable or do not configure this policy setting, the user is prompted to decide whether to turn on SmartScreen Filter during the first-run experience.</string>
<string id="IE_Explain_DisableSecuritySettingsCheck">This policy setting turns off the Security Settings Check feature, which checks Internet Explorer security settings to determine when the settings put Internet Explorer at risk.
If you enable this policy setting, the feature is turned off.
If you disable or do not configure this policy setting, the feature is turned on.</string>
<string id="IE_Explain_EnableCompatLogging">This policy setting logs information that is blocked by new features in Internet Explorer. The logged compatibility information is displayed in the Windows Event Viewer.
If you enable this policy setting, the user can log information that is blocked by new Internet Explorer features. The user cannot turn off logging.
If you disable this policy setting, the user cannot log information that is blocked by new Internet Explorer features. The user cannot turn on logging.
If you do not configure this policy setting, the user can change the logging settings.</string>
<string id="IE_Explain_EnforceFullscreen">This policy setting allows you to enforce full-screen mode, which disables the navigation bar, the menu bar, and the Command bar. Starting with Windows 8, this policy only applies to Internet Explorer on the desktop.
The navigation bar includes features for browsing webpages, searching the web by using a selection of search tools, viewing a history of visited pages, printing, and accessing email and newsgroups. The menu bar contains menus that open lists of commands for printing, customizing Internet Explorer, copying and pasting text, managing favorites, and accessing Help. The Command bar enables the user to access and manage favorites, feeds, shortcuts to home page, and more. Full-screen mode disables not only these three bars, but also the shortcuts to these bars.
If you enable this policy setting, the navigation bar, the menu bar, and the Command bar are not visible, and the user cannot access them.
If you disable or do not configure this policy setting, the user can view and access the navigation bar, the menu bar, and the Command bar.</string>
<string id="IE_Explain_AddonManagement_IgnoreAddonApprovalStatus">This policy setting allows you to configure whether newly installed add-ons are automatically activated in the Internet Explorer 9 browser. Any add-ons that were activated in a previous version of Internet Explorer are considered to be the same as newly installed add-ons and are not activated when the user upgrades to Internet Explorer 9.
In Internet Explorer 9, add-ons are defined as toolbars, Browser Helper Objects, or Explorer bars. ActiveX controls are referred to as plug-ins and are not part of this definition.
If you enable this policy setting, newly installed add-ons are automatically activated in the browser.
If you disable or do not configure this policy setting, newly installed add-ons are not automatically activated in the browser. Internet Explorer notifies the user when newly installed add-ons are ready for use. The user must choose to activate them by responding to the notification, using Manage Add-ons, or using other methods.</string>
<string id="IE_Explain_AddonManagement_DisableAddonLoadTimePerformanceNotifications">This policy setting prevents Internet Explorer from displaying a notification when the average time to load all the user's enabled add-ons exceeds the threshold. The notification informs the user that add-ons are slowing his or her browsing and displays a button that opens the Disable Add-ons dialog box. The Disable Add-ons dialog box displays the load time for each group of add-ons enabled in the browser. It allows the user to disable add-ons and configure the threshold.
If you enable this policy setting, users are not notified when the average time to load all the user's enabled add-ons exceeds the threshold.
If you disable or do not configure this policy setting, users are notified when the average time to load all the user's enabled add-ons exceeds the threshold. This is the default.</string>
<string id="IE_Explain_Microsoft_Agent">Designates the Microsoft Agent ActiveX control as administrator-approved.
Microsoft Agent is a set of software services that supports the presentation of software agents as interactive personalities within the Microsoft Windows interface.
If you enable this policy, this control can be run in security zones in which you specify that administrator-approved controls can be run.
If you disable this policy or do not configure it, these controls will not be designated as administrator-approved.
To specify how administrator-approved controls are handled for each security zone, carry out the following steps:
1. In Group Policy, click User Configuration, click Internet Explorer Maintenance, and then click Security.
2. Double-click Security Zones and Content Ratings, click Import the Current Security Zones Settings, and then click Modify Settings.
3. Select the content zone in which you want to manage ActiveX controls, and then click Custom Level.
4. In the Run ActiveX Controls and Plug-ins area, click Administrator Approved.</string>
<string id="IE_Explain_TurnOnActiveXFiltering">This policy setting controls the ActiveX Filtering feature for websites that are running ActiveX controls. The user can choose to turn off ActiveX Filtering for specific websites so that ActiveX controls can run properly.
If you enable this policy setting, ActiveX Filtering is enabled by default for the user. The user cannot turn off ActiveX Filtering, although they may add per-site exceptions.
If you disable or do not configure this policy setting, ActiveX Filtering is not enabled by default for the user. The user can turn ActiveX Filtering on or off.</string>
<string id="IE_ExplainAddonManagement_AddOnList">This policy setting allows you to manage a list of add-ons to be allowed or denied by Internet Explorer. Add-ons in this case are controls like ActiveX Controls, Toolbars, and Browser Helper Objects (BHOs) which are specifically written to extend or enhance the functionality of the browser or web pages.
This list can be used with the 'Deny all add-ons unless specifically allowed in the Add-on List' policy setting, which defines whether add-ons not listed here are assumed to be denied.
If you enable this policy setting, you can enter a list of add-ons to be allowed or denied by Internet Explorer. For each entry that you add to the list, enter the following information:
Name of the Value - the CLSID (class identifier) for the add-on you wish to add to the list. The CLSID should be in brackets for example, ‘{000000000-0000-0000-0000-0000000000000}'. The CLSID for an add-on can be obtained by reading the OBJECT tag from a Web page on which the add-on is referenced.
Value - A number indicating whether Internet Explorer should deny or allow the add-on to be loaded. To specify that an add-on should be denied enter a 0 (zero) into this field. To specify that an add-on should be allowed, enter a 1 (one) into this field. To specify that an add-on should be allowed and also permit the user to manage the add-on through Add-on Manager, enter a 2 (two) into this field.
If you disable this policy setting, the list is deleted. The 'Deny all add-ons unless specifically allowed in the Add-on List' policy setting will still determine whether add-ons not in this list are assumed to be denied.</string>
<string id="IE_ExplainAddonManagement_ManagementMode">This policy setting allows you to ensure that any Internet Explorer add-ons not listed in the 'Add-on List' policy setting are denied. Add-ons in this case are controls like ActiveX Controls, Toolbars, and Browser Helper Objects (BHOs) which are specifically written to extend or enhance the functionality of the browser or web pages.
By default, the 'Add-on List' policy setting defines a list of add-ons to be allowed or denied through Group Policy. However, users can still use the Add-on Manager within Internet Explorer to manage add-ons not listed within the 'Add-on List' policy setting. This policy setting effectively removes this option from users - all add-ons are assumed to be denied unless they are specifically allowed through the 'Add-on List' policy setting.
If you enable this policy setting, Internet Explorer only allows add-ons that are specifically listed (and allowed) through the 'Add-on List' policy setting.
If you disable or do not configure this policy setting, users may use Add-on Manager to allow or deny any add-ons that are not included in the 'Add-on List' policy setting.
Note: If an add-on is listed in the 'Add-on List' policy setting, the user cannot change its state through Add-on Manager (unless its value has been set to allow user management - see the 'Add-on List' policy for more details).</string>
<string id="IE_ExplainAddonManagement_RestrictCrashDetection">This policy setting allows you to manage the crash detection feature of add-on Management.
If you enable this policy setting, a crash in Internet Explorer will exhibit behavior found in Windows XP Professional Service Pack 1 and earlier, namely to invoke Windows Error Reporting. All policy settings for Windows Error Reporting continue to apply.
If you disable or do not configure this policy setting, the crash detection feature for add-on management will be functional.</string>
<string id="IE_ExplainAddonManagement_RestrictExtensionManagement">This policy setting allows you to manage whether users have the ability to allow or deny add-ons through Add-On Manager.
If you enable this policy setting, users cannot enable or disable add-ons through Add-On Manager. The only exception occurs if an add-on has been specifically entered into the 'Add-On List' policy setting in such a way as to allow users to continue to manage the add-on. In this case, the user can still manage the add-on through the Add-On Manager.
If you disable or do not configure this policy setting, the appropriate controls in the Add-On Manager will be available to the user.</string>
<string id="IE_ExplainAddSearchProvider">This policy setting allows you to add a specific list of search providers to the user's default list of search providers. Normally, search providers can be added from third-party toolbars or in Setup. The user can also add a search provider from the provider's website.
If you enable this policy setting, the user can add and remove search providers, but only from the set of search providers specified in the list of policy keys for search providers (found under [HKCU or HKLM\Software\policies\Microsoft\Internet Explorer\SearchScopes]). Note: This list can be created from a custom administrative template file. For information about creating this custom administrative template file, see the Internet Explorer documentation on search providers.
If you disable or do not configure this policy setting, the user can configure their list of search providers unless another policy setting restricts such configuration.</string>
<string id="IE_ExplainAdminApprovedCategory">Contains settings to enable or disable ActiveX controls.</string>
<string id="IE_ExplainAlwaysShowMenu">This policy setting allows you to turn on or turn off the earlier menus (for example, File, Edit, and View) in Internet Explorer.
If you enable this policy setting, the menu bar appears in Internet Explorer by default, and the user cannot turn it off.
If you disable this policy setting, the menu bar appears in Internet Explorer by default, and the user cannot turn it on.
If you do not configure this policy setting, the menu bar is turned off by default. The user can turn on or turn off the menu bar.</string>
<string id="IE_ExplainAudio_Video_Player">Designates the Audio/Video Player ActiveX control as administrator-approved.
This control is used for playing sounds, videos, and other media.
If you enable this policy, this control can be run in security zones in which you specify that administrator-approved controls can be run.
If you disable this policy or do not configure it, this control will not be designated as administrator-approved.
To specify how administrator-approved controls are handled for each security zone, carry out the following steps:
1. In Group Policy, click User Configuration, click Internet Explorer Maintenance, and then click Security.
2. Double-click Security Zones and Content Ratings, click Import the Current Security Zones Settings, and then click Modify Settings.
3. Select the content zone in which you want to manage ActiveX controls, and then click Custom Level.
4. In the Run ActiveX Controls and Plug-ins area, click Administrator Approved.</string>
<string id="IE_ExplainAutoProxyCache">Prevents automatic proxy scripts, which interact with a server to automatically configure users' proxy settings, from being stored in the users' cache.
If you enable this policy, automatic proxy scripts will not be stored temporarily on the users' computer.
If you disable this policy or do not configure it, automatic proxy scripts can be stored in the users' cache.</string>
<string id="IE_ExplainBranding_NoExternalBranding">Prevents branding of Internet programs, such as customization of Internet Explorer and Outlook Express logos and title bars, by another party.
If you enable this policy, it prevents customization of the browser by another party, such as an Internet service provider or Internet content provider.
If you disable this policy or do not configure it, users could install customizations from another party-for example, when signing up for Internet services.
This policy is intended for administrators who want to maintain a consistent browser across an organization.</string>
<string id="IE_ExplainCarpoint">Designates the Microsoft Network (MSN) Carpoint automatic pricing control as administrator-approved.
This control enables enhanced pricing functionality on the Carpoint Web site, where users can shop for and obtain information about vehicles.
If you enable this policy, this control can be run in security zones in which you specify that administrator-approved controls can be run.
If you disable this policy or do not configure it, this control will not be designated as administrator-approved.
To specify how administrator-approved controls are handled for each security zone, carry out the following steps:
1. In Group Policy, click User Configuration, click Internet Explorer Maintenance, and then click Security.
2. Double-click Security Zones and Content Ratings, click Import the Current Security Zones Settings, and then click Modify Settings.
3. Select the content zone in which you want to manage ActiveX controls, and then click Custom Level.
4. In the Run ActiveX Controls and Plug-ins area, click Administrator Approved.</string>
<string id="IE_ExplainCat">Contains settings to configure Internet Explorer</string>
<string id="IE_ExplainChannels">Contains settings for Offline pages and channels.</string>
<string id="IE_ExplainControlPanel_RestrictAdvanced">Prevents users from changing settings on the Advanced tab in the Internet Options dialog box.
If you enable this policy, users are prevented from changing advanced Internet settings, such as security, multimedia, and printing. Users cannot select or clear the check boxes on the Advanced tab.
If you disable this policy or do not configure it, users can select or clear settings on the Advanced tab.
If you set the "Disable the Advanced page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), you do not need to set this policy, because the "Disable the Advanced page" policy removes the Advanced tab from the interface.</string>
<string id="IE_ExplainControlPanel_RestrictAdvancedTab">Removes the Advanced tab from the interface in the Internet Options dialog box.
If you enable this policy, users are prevented from seeing and changing advanced Internet settings, such as security, multimedia, and printing.
If you disable this policy or do not configure it, users can see and change these settings.
When you set this policy, you do not need to set the "Disable changing Advanced page settings" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\), because this policy removes the Advanced tab from the interface.</string>
<string id="IE_ExplainControlPanel_RestrictConnectionsTab">Removes the Connections tab from the interface in the Internet Options dialog box.
If you enable this policy, users are prevented from seeing and changing connection and proxy settings.
If you disable this policy or do not configure it, users can see and change these settings.
When you set this policy, you do not need to set the following policies for the Content tab, because this policy removes the Connections tab from the interface:
"Disable Internet Connection Wizard"
"Disable changing connection settings"
"Prevent changing proxy settings"
"Disable changing Automatic Configuration settings"</string>
<string id="IE_ExplainControlPanel_RestrictContentTab">If you enable this policy setting, users are prevented from seeing and changing ratings, certificates, AutoComplete, Wallet, and Profile Assistant settings.
If you disable this policy or do not configure it, users can see and change these settings.</string>
<string id="IE_ExplainControlPanel_RestrictGeneralTab">Removes the General tab from the interface in the Internet Options dialog box.
If you enable this policy, users are unable to see and change settings for the home page, the cache, history, Web page appearance, and accessibility.
If you disable this policy or do not configure it, users can see and change these settings.
When you set this policy, you do not need to set the following Internet Explorer policies (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\), because this policy removes the General tab from the interface:
"Disable changing home page settings"
"Disable changing Temporary Internet files settings"
"Disable changing history settings"
"Disable changing color settings"
"Disable changing link color settings"
"Disable changing font settings"
"Disable changing language settings"
"Disable changing accessibility settings"</string>
<string id="IE_ExplainControlPanel_RestrictPrivacyTab">Removes the Privacy tab from the interface in the Internet Options dialog box.
If you enable this policy, users are prevented from seeing and changing default settings for privacy.
If you disable this policy or do not configure it, users can see and change these settings.</string>
<string id="IE_ExplainControlPanel_RestrictProgramsTab">Removes the Programs tab from the interface in the Internet Options dialog box.
If you enable this policy, users are prevented from seeing and changing default settings for Internet programs.
If you disable this policy or do not configure it, users can see and change these settings.
When you set this policy, you do not need to set the following policies for the Programs tab, because this policy removes the Programs tab from the interface:
"Disable changing Messaging settings"
"Disable changing Calendar and Contact settings"
"Disable the Reset Web Settings feature"
"Disable changing default browser check"</string>
<string id="IE_ExplainControlPanel_RestrictSecurityTab">Removes the Security tab from the interface in the Internet Options dialog box.
If you enable this policy, it prevents users from seeing and changing settings for security zones, such as scripting, downloads, and user authentication.
If you disable this policy or do not configure it, users can see and change these settings.
When you set this policy, you do not need to set the following Internet Explorer policies, because this policy removes the Security tab from the interface:
"Security zones: Do not allow users to change policies"
"Security zones: Do not allow users to add/delete sites"</string>
<string id="IE_ExplainControlPanel_SendIDNNames">This policy setting allows you to manage whether Internet Explorer converts Unicode domain names to internationalized domain name (IDN) format (Punycode) before sending them to Domain Name System (DNS) servers or to proxy servers.
If you enable this policy setting, you must specify when IDN server names should be sent:
0) Unicode domain names are never converted to IDN format.
1) Unicode domain names are converted to IDN format only for addresses that are not in the Intranet zone.
2) Unicode domain names are converted to IDN format only for addresses that are in the Intranet zone.
3) Unicode domain names are always converted to IDN format.
If you disable or do not configure this policy setting, the user can control this setting by using Advanced Options in Internet Control Panel. By default, domain names are converted to IDN format only for addresses that are not in the Intranet zone.</string>
<string id="UTF8URLQuery_Explain">This policy setting determines whether Internet Explorer uses 8-bit Unicode Transformation Format (UTF-8) to encode query strings in URLs before sending them to servers or to proxy servers.
If you enable this policy setting, you must specify when to use UTF-8 to encode query strings:
0) Never encode query strings.
1) Only encode query strings for URLs that aren't in the Intranet zone.
2) Only encode query strings for URLs that are in the Intranet zone.
3) Always encode query strings.
If you disable or don't configure this policy setting, users can turn this behavior on or off, using Internet Explorer Advanced Options settings. The default is to encode all query strings in UTF-8.</string>
<string id="IE_ExplainControlPanel_SendUTF8Query">This policy setting allows you to manage whether Internet Explorer uses 8-bit Unicode Transformation Format (UTF-8) for mailto links.
If you enable this policy setting, Internet Explorer encodes mailto links in UTF-8.
If you disable or do not configure this policy setting, Internet Explorer sends mailto links encoded through the user's code page. This behavior matches the behavior of Internet Explorer 6 and earlier. The user can change this behavior on the Internet Explorer Tools menu: Click Internet Options, click the Advanced tab, and then under International, select the "Use UTF-8 for mailto links" check box.</string>
<string id="IE_ExplainDHTMLEdit">This ActiveX control enables users to edit HTML text and see a faithful rendition of how the text would look in the browser. There are two versions of the control: a more powerful version that cannot be invoked by a web site because it includes file access and other features, and a "safe for scripting" version that has restricted functionality and is intended for use by web sites.
If you enable this policy, this control will be available as an administrator approved control and can be run if the user specifies to run administrator-approved Active-X controls and plug-ins under security zones.
If you disable this policy or do not configure it, this control will not be designated as administrator-approved.</string>
<string id="IE_ExplainDialupSettings">Specifies that Automatic Detection will be used to configure dial-up settings for users.
Automatic Detection uses a DHCP (Dynamic Host Configuration Protocol) or DNS server to customize the browser the first time it is started.
If you enable this policy, users' dial-up settings will be configured by Automatic Detection.
If you disable this policy or do not configure it, dial-up settings will not be configured by Automatic Detection, unless specified by the user.</string>
<string id="IE_ExplainDisablePopupFilterLevel">This policy setting prevents the user from changing the level of pop-up filtering. The available levels are as follows:
High: Block all pop-ups.
Medium: Block most automatic pop-ups.
Low: Allow pop-ups from secure sites.
If you enable this policy setting, the user cannot change the filter level. You can specify the filter level by importing Privacy settings from your computer under Internet Explorer Maintenance.
If you disable or do not configure this policy setting, the user can manage pop-ups by changing the filter level.
You may also want to enable the "Prevent managing pop-up exception list" and "Turn off pop-up management" policy settings to prevent the user from configuring pop-up behavior.</string>
<string id="IE_ExplainDisableToolbarUpgrader">This policy setting allows you to turn off the toolbar upgrade tool. The toolbar upgrade tool determines whether incompatible toolbars or Browser Helper Objects are installed when Internet Explorer starts. If the tool detects an incompatible toolbar, the user is prompted to update or disable the toolbar. Specific toolbars or Browser Helper Objects that are enabled or disabled via policy settings do not undergo this check.
If you enable this policy setting, the toolbar upgrade tool does not check for incompatible toolbars. The user is not prompted, and incompatible toolbars run unless previously disabled through policy settings or user choice.
If you disable or do not configure this policy setting, the toolbar upgrade tool checks for incompatible toolbars. The user can enable or disable incompatible toolbars. Toolbars that are enabled or disabled via policy settings do not undergo these checks.</string>
<string id="IE_ExplainDisplayScriptFailureUI">Specifies that error messages will be displayed to users if problems occur with proxy scripts.
If you enable this policy, error messages will be displayed when the browser does not download or run a script to set proxy settings.
If you disable this policy or do not configure it, error messages will not be displayed when problems occur with proxy scripts.</string>
<string id="IE_ExplainInternetCPLCategory">Contains settings that control features found in the Internet Options dialog.</string>
<string id="IE_ExplainFavImportExport">This policy settings disables the Import/Export Settings wizard. This wizard allows you to import settings from another browser, import settings from a file, or export settings to a file. Importing settings from another browser allows the user to import favorites and feeds from other browsers. Importing settings from a file allows the user to import favorites, feeds and cookies from a file. Exporting settings to a file allows the user to export favorites, feeds and cookies to a file.
If you enable this policy setting, the user will not be able to use the Import/Export Settings wizard.
If you disable or do not configure this policy setting, the user will be able to use the Import/Export Settings wizard.</string>
<string id="IE_ExplainGeolocationDisable">This policy setting allows you to disable browser geolocation support. This will prevent websites from requesting location data about the user.
If you enable this policy setting, browser geolocation support is turned off.
If you disable this policy setting, browser geolocation support is turned on.
If you do not configure this policy setting, browser geolocation support can be turned on or off in Internet Options on the Privacy tab.</string>
<string id="IE_ExplainDisableFlashInIE">This policy setting turns off Adobe Flash in Internet Explorer and prevents applications from using Internet Explorer technology to instantiate Flash objects.
If you enable this policy setting, Flash is turned off for Internet Explorer, and applications cannot use Internet Explorer technology to instantiate Flash objects. In the Manage Add-ons dialog box, the Flash status will be 'Disabled', and users cannot enable Flash. If you enable this policy setting, Internet Explorer will ignore settings made for Adobe Flash through the "Add-on List" and "Deny all add-ons unless specifically allowed in the Add-on List" policy settings.
If you disable, or do not configure this policy setting, Flash is turned on for Internet Explorer, and applications can use Internet Explorer technology to instantiate Flash objects. Users can enable or disable Flash in the Manage Add-ons dialog box.
Note that Adobe Flash can still be disabled through the "Add-on List" and "Deny all add-ons unless specifically allowed in the Add-on List" policy settings, even if this policy setting is disabled, or not configured. However, if Adobe Flash is disabled through the "Add-on List" and "Deny all add-ons unless specifically allowed in the Add-on List" policy settings and not through this policy setting, all applications that use Internet Explorer technology to instantiate Flash object can still do so. For more information, see "Group Policy Settings in Internet Explorer 10" in the Internet Explorer TechNet library.</string>
<string id="IE_ExplainFile_NoBrowserClose">Prevents users from closing Microsoft Internet Explorer and File Explorer.
If you enable this policy, the Close command on the File menu will appear dimmed.
If you disable this policy or do not configure it, users are not prevented from closing the browser or File Explorer.
Note: The Close button in the top right corner of the program will not work; if users click the Close button, they will be informed that the command is not available.</string>
<string id="IE_ExplainFile_NoBrowserSaveAs">Prevents users from saving Web pages from the browser File menu to their hard disk or to a network share.
If you enable this policy, the Save As command on the File menu will be removed.
If you disable this policy or do not configure it, users can save Web pages for later viewing.
This policy takes precedence over the "File Menu: Disable Save As Web Page Complete" policy, which prevents users from saving the entire contents that are displayed or run from a Web Page, such as graphics, scripts, and linked files, but does not prevent users from saving the text of a Web page.
Caution: If you enable this policy, users are not prevented from saving Web content by pointing to a link on a Web page, clicking the right mouse button, and then clicking Save Target As.</string>
<string id="IE_ExplainFile_NoBrowserSaveWebComplete">Prevents users from saving the complete contents that are displayed on or run from a Web page, including the graphics, scripts, linked files, and other elements. It does not prevent users from saving the text of a Web page.
If you enable this policy, the Web Page, Complete file type option will be removed from the Save as Type box in the Save Web Page dialog box. Users can still save Web pages as hypertext markup language (HTML) files or as text files, but graphics, scripts, and other elements are not saved. To display the Save Web Page dialog box, users click the File menu, and then click the Save As command.
If you disable this policy or do not configure it, users can save all elements on a Web page.
The "File menu: Disable Save As... menu option" policy, which removes the Save As command, takes precedence over this policy. If it is enabled, this policy is ignored.</string>
<string id="IE_ExplainFile_NoFileNew">Prevents users from opening a new browser window from the File menu.
If this policy is enabled, users cannot open a new browser window by clicking the File menu, pointing to the New menu, and then clicking Window. The user interface is not changed, but a new window will not be opened, and users will be informed that the command is not available.
If you disable this policy or do not configure it, users can open a new browser window from the File menu.
Caution: This policy does not prevent users from opening a new browser window by right-clicking, and then clicking the Open in New Window command. To prevent users from using the shortcut menu to open new browser windows, you should also set the "Disable Open in New Window menu option" policy, which disables this command on the shortcut menu, or the "Turn off Shortcut Menu" policy, which disables the entire shortcut menu.
Note: the user will still be able to open New Tabs.</string>
<string id="IE_ExplainFile_NoFileOpen">Prevents users from opening a file or Web page from the File menu in Internet Explorer.
If you enable this policy, the Open dialog box will not appear when users click the Open command on the File menu. If users click the Open command, they will be notified that the command is not available.
If you disable this policy or do not configure it, users can open a Web page from the browser File menu.
Caution: This policy does not prevent users from right-clicking a link on a Web page, and then clicking the Open or Open in New Window command. To prevent users from opening Web pages by using the shortcut menu, set the "Disable Open in New Window menu option" policy, which disables this command on the shortcut menu, or the "Turn off Shortcut Menu" policy, which disables the entire shortcut menu.</string>
<string id="IE_ExplainFlash">Designates Shockwave flash as an administrator approved control.
If you enable this policy, this control can be run in security zones in which you specify that administrator-approved controls can be run.
If you disable this policy or do not configure it, this control will not be designated as administrator-approved.
To specify how administrator-approved controls are handled for each security zone, carry out the following steps:
1. In Group Policy, click User Configuration, click Internet Explorer Maintenance, and then click Security.
2. Double-click Security Zones and Content Ratings, click Import the Current Security Zones Settings, and then click Modify Settings.
3. Select the content zone in which you want to manage ActiveX controls, and then click Custom Level.
4. In the Run ActiveX Controls and Plug-ins area, click Administrator Approved.</string>
<string id="IE_ExplainGeneral_Zooming">This policy setting prevents the user from zooming in to or out of a page to better see the content.
If you enable this policy setting, applications that host MSHTML do not respond to user input that causes the content to be re-rendered at a scaled size.
If you disable or do not configure this policy setting, applications that host MSHTML respond to user input that causes the content to be re-rendered at a scaled size.</string>
<string id="IE_ExplainHelp_NoFeedback">Prevents users from sending feedback to Microsoft by clicking the Send Feedback command on the Help menu.
If you enable this policy, the Send Feedback command is removed from the Help menu.
If you disable this policy or do not configure it, users can fill out an Internet form to provide feedback about Microsoft products.</string>
<string id="IE_ExplainHelp_NoNetscapeHelp">Prevents users from displaying tips for users who are switching from Netscape.
If you enable this policy, the For Netscape Users command is removed from the Help menu.
If you disable this policy or do not configure it, users can display content about switching from Netscape by clicking the For Netscape Users command on the Help menu.
Caution: Enabling this policy does not remove the tips for Netscape users from the Microsoft Internet Explorer Help file.</string>
<string id="IE_ExplainHelp_NoTip">Prevents users from viewing or changing the Tip of the Day interface in Microsoft Internet Explorer.
If you enable this policy, the Tip of the Day command is removed from the Help menu.
If you disable this policy or do not configure it, users can enable or disable the Tip of the Day, which appears at the bottom of the browser.</string>
<string id="IE_ExplainIdentities">Prevents users from configuring unique identities by using Identity Manager.
Identity Manager enables users to create multiple accounts, such as e-mail accounts, on the same computer. Each user has a unique identity, with a different password and different program preferences.
If you enable this policy, users will not be able to create new identities, manage existing identities, or switch identities. The Switch Identity option will be removed from the File menu in Address Book.
If you disable this policy or do not configure it, users can set up and change identities.</string>
<string id="IE_ExplainInvestor">Designates a set of Microsoft Network (MSN) Investor controls as administrator-approved.
These controls enable users to view updated lists of stocks on their Web pages.
If you enable this policy, these controls can be run in security zones in which you specify that administrator-approved controls can be run.
If you disable this policy or do not configure it, these controls will not be designated as administrator-approved.
Select the check boxes for the controls that you want to designate as administrator-approved.
To specify how administrator-approved controls are handled for each security zone, carry out the following steps:
1. In Group Policy, click User Configuration, click Internet Explorer Maintenance, and then click Security.
2. Double-click Security Zones and Content Ratings, click Import the Current Security Zones Settings, and then click Modify Settings.
3. Select the content zone in which you want to manage ActiveX controls, and then click Custom Level.
4. In the Run ActiveX Controls and Plug-ins area, click Administrator Approved.</string>
<string id="IE_ExplainMaxSubscription">Restricts the amount of information downloaded for offline viewing.
If you enable this policy, you can set limits to the size and number of pages that users can download. If users attempt to exceed the number of subscriptions, a prompt will appear that states that they cannot set up more Web sites for offline viewing.
If you disable this policy or do not configure it, then users can determine the amount of content that is searched for new information and downloaded.
Caution: Although the Maximum Number of Offline Pages option determines how many levels of a Web site are searched for new information, it does not change the user interface in the Offline Favorites wizard.
Note: The begin and end times for downloading are measured in minutes after midnight. The Maximum Offline Page Crawl Depth setting specifies how many levels of a Web site are searched for new information.</string>
<string id="IE_ExplainMediaExpBar">Allows Administrators to enable and disable the Media Explorer Bar and set the auto-play default.
The Media Explorer Bar plays music and video content from the Internet.
If you disable the Media explorer bar, users cannot display the Media Explorer Bar. The auto-play feature is also disabled. When users click on a link within Internet Explorer, the content will be played by the default media client on their system.
If you enable the Media Explorer Bar or do not configure it, users can show and hide the Media Explorer Bar.
Administrators also have the ability to turn the auto-play feature on or off. This setting only applies if the Media Explorer Bar is enabled.
If checked, the Media Explorer Bar will automatically display and play the media content when the user clicks on a media link.
If unchecked, the content will be played by the default media client on their system.</string>
<string id="IE_ExplainMenu_Controls">Designates a set of Microsoft ActiveX controls used to manipulate pop-up menus in the browser as administrator-approved.
If you enable this policy, these controls can be run in security zones in which you specify that administrator-approved controls can be run.
If you disable this policy or do not configure it, these controls will not be designated as administrator-approved.
To specify a control as administrator-approved, click Enabled, and then select the check box for the control:
-- MCSiMenu - enables Web authors to control the placement and appearance of Windows pop-up menus on Web pages
-- Popup Menu Object - enables Web authors to add pop-up menus to Web pages
To specify how administrator-approved controls are handled for each security zone, carry out the following steps:
1. In Group Policy, click User Configuration, click Internet Explorer Maintenance, and then click Security.
2. Double-click Security Zones and Content Ratings, click Import the Current Security Zones Settings, and then click Modify Settings.
3. Select the content zone in which you want to manage ActiveX controls, and then click Custom Level.
4. In the Run ActiveX Controls and Plug-ins area, click Administrator Approved.</string>
<string id="IE_ExplainMenusCategory">Contains settings for showing or hiding menus and menu options in Internet Explorer.</string>
<string id="IE_ExplainMicrosoft_Chat">Designates the Microsoft Chat ActiveX control as administrator-approved.
This control is used by Web authors to build text-based and graphical-based Chat communities for real-time conversations on the Web.
If you enable this policy, this control can be run in security zones in which you specify that administrator-approved controls can be run.
If you disable this policy or do not configure it, this control will not be designated as administrator-approved.
To specify how administrator-approved controls are handled for each security zone, carry out the following steps:
1. In Group Policy, click User Configuration, click Internet Explorer Maintenance, and then click Security.
2. Double-click Security Zones and Content Ratings, click Import the Current Security Zones Settings, and then click Modify Settings.
3. Select the content zone in which you want to manage ActiveX controls, and then click Custom Level.
4. In the Run ActiveX Controls and Plug-ins area, click Administrator Approved.</string>
<string id="IE_ExplainMSNBC">Designates a set of MSNBC controls as administrator-approved.
These controls enable enhanced browsing of news reports on the MSNBC Web site.
If you enable this policy, these controls can be run in security zones in which you specify that administrator-approved controls can be run.
If you disable this policy or do not configure it, these controls will not be designated as administrator-approved.
Select the check boxes for the controls that you want to designate as administrator-approved.
To specify how administrator-approved controls are handled for each security zone, carry out the following steps:
1. In Group Policy, click User Configuration, click Internet Explorer Maintenance, and then click Security.
2. Double-click Security Zones and Content Ratings, click Import the Current Security Zones Settings, and then click Modify Settings.
3. Select the content zone in which you want to manage ActiveX controls, and then click Custom Level.
4. In the Run ActiveX Controls and Plug-ins area, click Administrator Approved.</string>
<string id="IE_ExplainNetShowFile">Designates NetShow File Transfer Control as an administrator approved control.
If you enable this policy, this control can be run in security zones in which you specify that administrator-approved controls can be run.
If you disable this policy or do not configure it, this control will not be designated as administrator-approved.
To specify how administrator-approved controls are handled for each security zone, carry out the following steps:
1. In Group Policy, click User Configuration, click Internet Explorer Maintenance, and then click Security.
2. Double-click Security Zones and Content Ratings, click Import the Current Security Zones Settings, and then click Modify Settings.
3. Select the content zone in which you want to manage ActiveX controls, and then click Custom Level.
4. In the Run ActiveX Controls and Plug-ins area, click Administrator Approved.</string>
<string id="IE_ExplainNoAddingChannels">Prevents users from adding channels to Internet Explorer.
Channels are Web sites that are updated automatically on your computer, according to a schedule specified by the channel provider.
If you enable this policy, the Add Active Channel button, which appears on a channel that users haven't yet subscribed to, will be disabled. Users also cannot add content that is based on a channel, such as some of the Active Desktop items from Microsoft's Active Desktop Gallery, to their desktop.
If you disable this policy or do not configure it, users can add channels to the Channel bar or to their desktop.
Note: Most channel providers use the words Add Active Channel for this option; however, a few use different words, such as Subscribe.</string>
<string id="IE_ExplainNoAddingSubscriptions">Prevents users from specifying that Web pages can be downloaded for viewing offline. When users make Web pages available for offline viewing, they can view the content when their computer is not connected to the Internet.
If you enable this policy, users cannot add new schedules for downloading offline content. The Make Available Offline check box will be dimmed in the Add Favorite dialog box.
If you disable this policy or do not configure it, users can add new offline content schedules.
This policy is intended for organizations that are concerned about server load for downloading content.
The "Hide Favorites menu" policy (located in User Configuration\Administrative Templates\Windows Components\Internet Explorer) takes precedence over this policy. If it is enabled, this policy is ignored.</string>
<string id="IE_ExplainNoBandCustomize">Prevents users from determining which toolbars are displayed in Microsoft Internet Explorer and File Explorer.
If you enable this policy, the list of toolbars, which users can display by clicking the View menu and then pointing to the Toolbars command, will appear dimmed.
If you disable this policy or do not configure it, users can determine which toolbars are displayed in File Explorer and Internet Explorer.
This policy can be used in coordination with the "Disable customizing browser toolbar buttons" policy, which prevents users from adding or removing toolbars from Internet Explorer.</string>
<string id="IE_ExplainNoBrowserContextMenu">This policy setting prevents the shortcut menu from appearing when a user right-clicks a webpage while using Internet Explorer. Starting with Windows 8, this policy setting only applies to Internet Explorer on the desktop.
If you enable this policy setting, the shortcut menu will not appear when a user right-clicks a webpage.
If you disable or do not configure this policy setting, users can use the shortcut menu.</string>
<string id="IE_ExplainNoCertError">This policy setting prevents the user from ignoring Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificate errors that interrupt browsing (such as "expired", "revoked", or "name mismatch" errors) in Internet Explorer.
If you enable this policy setting, the user cannot continue browsing.
If you disable or do not configure this policy setting, the user can choose to ignore certificate errors and continue browsing.</string>
<string id="IE_ExplainNoChannelLogging">Prevents channel providers from recording information about when their channel pages are viewed by users who are working offline.
If you enable this policy, it disables any channel logging settings set by channel providers in the channel definition format (.cdf) file. The .cdf file determines the schedule and other settings for downloading Web content.
If you disable this policy or do not configure it, channel providers can record information about when their channel pages are viewed by users who are working offline.</string>
<string id="IE_ExplainNoChannelUI">Prevents users from viewing the Channel bar interface. Channels are Web sites that are automatically updated on their computer according to a schedule specified by the channel provider.
If you enable this policy, the Channel bar interface will be disabled, and users cannot select the Internet Explorer Channel Bar check box on the Web tab in the Display Properties dialog box.
If you disable this policy or do not configure it, users can view and subscribe to channels from the Channel bar interface.</string>
<string id="IE_ExplainNoDelBrowsingHistory">This policy setting prevents the user from performing actions which will delete browsing history. For more information on browsing history Group Policy settings, see "Group Policies Settings in Internet Explorer 10" in the TechNet technical library.
If you enable this policy setting, the user cannot access the Delete Browsing History dialog box. Starting with Windows 8, users cannot click the Delete Browsing History button on the Settings charm.
If you disable or do not configure this policy setting, the user can access the Delete Browsing History dialog box. Starting with Windows 8, users can click the Delete Browsing History button on the Settings charm.</string>
<string id="IE_ExplainNoDelForms">This policy setting prevents the user from deleting form data. This feature is available in the Delete Browsing History dialog box.
If you enable this policy setting, form data is preserved when the user clicks Delete.
If you disable this policy setting, form data is deleted when the user clicks Delete.
If you do not configure this policy setting, the user can choose whether to delete or preserve form data when he or she clicks Delete.
If the "Prevent access to Delete Browsing History" policy setting is enabled, this policy setting is enabled by default.</string>
<string id="IE_ExplainNoDelPasswords">This policy setting prevents users from deleting passwords. This feature is available in the Delete Browsing History dialog box.
If you enable this policy setting, passwords are preserved when the user clicks Delete.
If you disable this policy setting, passwords are deleted when the user clicks Delete.
If you do not configure this policy setting, the user can choose whether to delete or preserve passwords when he or she clicks Delete.
If the "Prevent access to Delete Browsing History" policy setting is enabled, this policy setting is enabled by default.</string>
<string id="IE_ExplainNoEditingScheduleGroups">Prevents users from adding, editing, or removing schedules for offline viewing of Web pages and groups of Web pages that users have subscribed to.
A subscription group is a favorite Web page plus the Web pages it links to.
If you enable this policy, the Add, Remove, and Edit buttons on the Schedule tab in the Web page Properties dialog box are dimmed. To display this tab, users click the Tools menu, click Synchronize, select a Web page, click the Properties button, and then click the Schedule tab.
If you disable this policy or do not configure it, users can add, remove, and edit schedules for Web sites and groups of Web sites.
The "Disable editing schedules for offline pages" policy and the "Hide Favorites menu" policy (located in User Configuration\Administrative Templates\Windows Components\Internet Explorer) take precedence over this policy. If either policy is enabled, this policy is ignored.</string>
<string id="IE_ExplainNoEditingSubscriptions">Prevents users from editing an existing schedule for downloading Web pages for offline viewing.
When users make Web pages available for offline viewing, they can view content when their computer is not connected to the Internet.
If you enable this policy, users cannot display the schedule properties of pages that have been set up for offline viewing. If users click the Tools menu, click Synchronize, select a Web page, and then click the Properties button, no properties are displayed. Users do not receive an alert stating that the command is unavailable.
If you disable this policy or do not configure it, users can edit an existing schedule for downloading Web content for offline viewing.
This policy is intended for organizations that are concerned about server load for downloading content.
The "Hide Favorites menu" policy (located in User Configuration\Administrative Templates\Windows Components\Internet Explorer) takes precedence over this policy. If it is enabled, this policy is ignored.</string>
<string id="IE_ExplainNoFavorites">Prevents users from adding, removing, editing or viewing the list of Favorite links.
The Favorites list is a way to store popular links for future use.
If you enable this policy, the Favorites menu is removed from the interface, and the Favorites button on the browser toolbar appears dimmed. The Add to Favorites command on the shortcut menu is disabled; when users click it, they are informed that the command is unavailable.
If you disable this policy or do not configure it, users can manage their Favorites list.
Note: If you enable this policy, users also cannot click Synchronize on the Tools menu (in Internet Explorer 6) to manage their favorite links that are set up for offline viewing.</string>
<string id="IE_ExplainNoFirstRunCustomise">This policy setting prevents Internet Explorer from running the First Run wizard the first time a user starts the browser after installing Internet Explorer or Windows.
If you enable this policy setting, you must make one of the following choices:
• Skip the First Run wizard, and go directly to the user's home page.
• Skip the First Run wizard, and go directly to the "Welcome to Internet Explorer" webpage.
Starting with Windows 8, the "Welcome to Internet Explorer" webpage is not available. The user's home page will display regardless of which option is chosen.
If you disable or do not configure this policy setting, Internet Explorer may run the First Run wizard the first time the browser is started after installation.</string>
<string id="IE_ExplainNoHelpMenu">This policy setting prevents the user from accessing Help in Internet Explorer.
If you enable this policy setting, the following occur:
• The Help menu on the menu bar is not functional.
• Help is removed from the Command bar.
• The shortcut key F1 does not make Help appear.
• Help cannot be accessed from the Settings charm (starting with Internet Explorer 10 on Windows 8).
If you disable or do not configure this policy setting, the Internet Explorer Help menu is available to the user. The user can also use the Command bar and F1 to access Help.</string>
<string id="IE_ExplainNoIESearchBox">This policy setting prevents the Search box from appearing in Internet Explorer. When the Search box is available, it includes all installed search providers and a link to search settings.
If you enable this policy setting, the Search box does not appear in the Internet Explorer frame.
If you disable or do not configure this policy setting, the Search box appears by default in the Internet Explorer frame.
Note: If you enable this policy setting, Internet Explorer does not enumerate search providers for the Accelerators infrastructure. If Accelerators are turned on, users can install search providers as Accelerators to include them on the Accelerator menu.</string>
<string id="IE_ExplainNoJITSetup">Prevents Internet Explorer from automatically installing components.
If you enable this policy, it prevents Internet Explorer from downloading a component when users browse to a Web site that needs that component.
If you disable this policy or do not configure it, users will be prompted to download and install a component when visiting a Web site that uses that component.
This policy is intended to help the administrator control which components the user installs.</string>
<string id="IE_ExplainNoOpeninNewWnd">Prevents using the shortcut menu to open a link in a new browser window.
If you enable this policy, users cannot point to a link, click the right mouse button, and then click the Open in New Window command.
If you disable this policy or do not configure it, users can open a Web page in a new browser window by using the shortcut menu.
This policy can be used in coordination with the "File menu: Disable New menu option" policy, which prevents users from opening the browser in a new window by clicking the File menu, pointing to New, and then clicking Window.
Note: When users click the Open in New Window command, the link will not open in a new window and they will be informed that the command is not available.</string>
<string id="IE_ExplainNoQuickTabs">This policy setting allows you to turn off the Quick Tabs functionality in Internet Explorer.
If you enable this policy setting, the entry points to Quick Tabs are removed from the Internet Explorer user interface.
If you disable or do not configure this policy setting, Quick Tabs is turned on.</string>
<string id="IE_ExplainNoRemovingChannels">Prevents users from disabling channel synchronization in Microsoft Internet Explorer.
Channels are Web sites that are automatically updated on your computer according to a schedule specified by the channel provider.
If you enable this policy, users cannot prevent channels from being synchronized.
If you disable this policy or do not configure it, users can disable the synchronization of channels.
This policy is intended to help administrators ensure that users' computers are being updated uniformly across their organization.
Note: This policy does not prevent users from removing active content from the desktop interface.</string>
<string id="IE_ExplainNoRemovingSubscriptions">Prevents users from clearing the preconfigured settings for Web pages to be downloaded for offline viewing.
When users make Web pages available for offline viewing, they can view content when their computer is not connected to the Internet.
If you enable this policy, the Make Available Offline check box in the Organize Favorites Favorite dialog box and the Make This Page Available Offline check box will be selected but dimmed. To display the Make This Page Available Offline check box, users click the Tools menu, click Synchronize, and then click the Properties button.
If you disable this policy or do not configure it, users can remove the preconfigured settings for pages to be downloaded for offline viewing.
This policy is intended for organizations that are concerned about server load for downloading content.
The "Hide Favorites menu" policy (located in User Configuration\Administrative Templates\Windows Components\Internet Explorer) takes precedence over this policy. If it is enabled, this policy is ignored.</string>
<string id="IE_ExplainNoScheduledUpdates">Disables existing schedules for downloading Web pages for offline viewing.
When users make Web pages available for offline viewing, they can view content when their computer is not connected to the Internet.
If you enable this policy, the check boxes for schedules on the Schedule tab of the Web page properties are cleared and users cannot select them. To display this tab, users click the Tools menu, click Synchronize, select a Web page, click the Properties button, and then click the Schedule tab.
If you disable this policy, then Web pages can be updated on the schedules specified on the Schedule tab.
This policy is intended for organizations that are concerned about server load for downloading content.
The "Hide Favorites menu" policy (located in User Configuration\Administrative Templates\Windows Components\Internet Explorer) takes precedence over this policy. If it is enabled, this policy is ignored.</string>
<string id="IE_ExplainNoSearchCustomization">Makes the Customize button in the Search Assistant appear dimmed.
The Search Assistant is a tool that appears in the Search bar to help users search the Internet.
If you enable this policy, users cannot change their Search Assistant settings, such as setting default search engines for specific tasks.
If you disable this policy or do not configure it, users can change their settings for the Search Assistant.
This policy is designed to help administrators maintain consistent settings for searching across an organization.</string>
<string id="IE_ExplainNoSearchProvider">This policy setting prevents the user from changing the default search provider for the Address bar and the toolbar Search box.
If you enable this policy setting, the user cannot change the default search provider.
If you disable or do not configure this policy setting, the user can change the default search provider.</string>
<string id="IE_ExplainNoSelectDownloadDir">Prevents users from saving a program or file that Microsoft Internet Explorer has downloaded to the hard disk.
If you enable this policy, users cannot save a program to disk by clicking the Save This Program to Disk command while attempting to download a file. The file will not be downloaded and users will be informed that the command is not available.
If you disable this policy or do not configure it, users can download programs from their browsers.</string>
<string id="IE_ExplainNoSplash">Prevents the Internet Explorer splash screen from appearing when users start the browser.
If you enable this policy, the splash screen, which displays the program name, licensing, and copyright information, is not displayed.
If you disable this policy or do not configure it, the splash screen will be displayed when users start their browsers.</string>
<string id="IE_ExplainNoSubscriptionContent">Prevents content from being downloaded from Web sites that users have subscribed to.
When users make Web pages available for offline viewing, they can view content when their computer is not connected to the Internet.
If you enable this policy, content will not be downloaded from Web sites that users have subscribed to. However, synchronization with the Web pages will still occur to determine if any content has been updated since the last time the user synchronized with or visited the page.
If you disable this policy or do not configure it, content will not be prevented from being downloaded.
The "Disable downloading of site subscription content" policy and the "Hide Favorites menu" policy (located in User Configuration\Administrative Templates\Windows Components\Internet Explorer) take precedence over this policy. If either policy is enabled, this policy is ignored.</string>
<string id="IE_ExplainNoTabBrowsing">This policy setting allows you to turn off tabbed browsing and related entry points from the Internet Explorer user interface. Starting with Windows 8, this policy only applies to Internet Explorer on the desktop.
If you enable this policy setting, tabbed browsing and related entry points are turned off for Internet Explorer, and the user cannot turn them on.
If you disable this policy setting, tabbed browsing and related entry points appear on the user interface for Internet Explorer, and the user cannot turn them off.
If you do not configure this policy setting, the user can turn on or turn off tabbed browsing.</string>
<string id="IE_ExplainNoTabBrowsingPopups">This policy setting allows you to define the user experience related to how pop-up windows appear in tabbed browsing in Internet Explorer.
If you enable this policy setting, the user cannot configure pop-up windows in tabbed browsing. You must specify one of the following values:
0: Let Internet Explorer decide.
1: Force pop-up windows to open in new windows.
2: Force pop-up windows to open on new tabs.
If you disable or do not configure this policy setting, Internet Explorer uses the user's setting for pop-up windows in tabbed browsing.</string>
<string id="IE_ExplainNoToolbarCustomize">Prevents users from determining which buttons appear on the Microsoft Internet Explorer and File Explorer standard toolbars. The buttons appearing on the toolbar can be customized by the "Customize" option. This is present under the Toolbars submenu of the View menu in Internet Explorer 6 and under the Toolbars submenu of the Tools menu in the Command bar in subsequent versions of Internet Explorer.
If you enable this policy, the Customize option will be removed from the menu.
If you disable this policy or do not configure it, users can customize which buttons appear on the Internet Explorer and File Explorer toolbars.
This policy can be used in coordination with the "Disable customizing browser toolbars" policy, which prevents users from determining which toolbars are displayed in Internet Explorer and File Explorer.</string>
<string id="IE_ExplainNoUpdateCheck">Prevents Internet Explorer from checking whether a new version of the browser is available.
If you enable this policy, it prevents Internet Explorer from checking to see whether it is the latest available browser version and notifying users if a new version is available.
If you disable this policy or do not configure it, Internet Explorer checks every 30 days by default, and then notifies users if a new version is available.
This policy is intended to help the administrator maintain version control for Internet Explorer by preventing users from being notified about new versions of the browser.</string>
<string id="IE_ExplainNoWindowReuse">This policy setting allows you to configure how windows open in Internet Explorer when the user clicks links from other applications.
If you enable this policy setting, the user cannot configure how windows open in Internet Explorer when he or she clicks links from other applications. You must specify one of the following:
• Open in an existing Internet Explorer window. If tabbed browsing is enabled, a new tab is created in this scenario.
• Open a new Internet Explorer window.
If you disable or do not configure this policy setting, the user can configure how windows open when he or she clicks links from other applications.</string>
<string id="IE_ExplainOEVirusProtection">Allows Administrators to enable and disable the ability for Outlook Express users to save or open attachments that can potentially contain a virus.
If you check the block attachments setting, users will be unable to open or save attachments that could potentially contain a virus. Users will not be able to disable the blocking of attachments in options.
If the block attachments setting is not checked, the user can specify to enable or disable the blocking of attachments in options.</string>
<string id="IE_ExplainPersistence_FileLimits0">Limits the amount of storage that a page or site using the DHTML Persistence behavior can use for the Local Computer security zone.
If you enable this policy, you can specify the persistence storage amount per domain or per document for this security zone.
If you disable this policy or do not configure it, you cannot set this limit.
Note: This setting does not appear in the user interface.</string>
<string id="IE_ExplainPersistence_FileLimits1">Limits the amount of storage that a page or site using the DHTML Persistence behavior can use for the Local Intranet security zone.
If you enable this policy, you can specify the persistence storage amount per domain or per document for this security zone.
If you disable this policy or do not configure it, you cannot set this limit.
Note: This setting does not appear in the user interface.</string>
<string id="IE_ExplainPersistence_FileLimits2">Limits the amount of storage that a page or site using the DHTML Persistence behavior can use for the Trusted Sites security zone.
If you enable this policy, you can specify the persistence storage amount per domain or per document for this security zone.
If you disable this policy or do not configure it, you cannot set this limit.
Note: This setting does not appear in the user interface.</string>
<string id="IE_ExplainPersistence_FileLimits3">Limits the amount of storage that a page or site using the DHTML Persistence behavior can use for the Internet security zone.
If you enable this policy, you can specify the persistence storage amount per domain or per document for this security zone.
If you disable this policy or do not configure it, you cannot set this limit.
Note: This setting does not appear in the user interface.</string>
<string id="IE_ExplainPersistence_FileLimits4">Limits the amount of storage that a page or site using the DHTML Persistence behavior can use for the Restricted Sites security zone.
If you enable this policy, you can specify the persistence storage amount per domain or per document for this security zone.
If you disable this policy or do not configure it, you cannot set this limit.
Note: This setting does not appear in the user interface.</string>
<string id="IE_ExplainPersistenceCategory">Contains settings for file size limits in internet security zones.</string>
<string id="IE_ExplainRestrictAccessibility">If you enable this policy, the user cannot modify the Accessibility options. All options in the "Accessibility" window on the General Tab in the Internet Options dialog box appear dimmed.
If you disable this policy or do not configure it, users can change accessibility settings, such as overriding fonts and colors on Web pages.
If you set the "Disable the General page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), you do not need to set this policy, because the "Disable the General page" policy removes the General tab from the interface.</string>
<string id="IE_ExplainRestrictAutoconfig">This setting specifies to automatically detect the proxy server settings used to connect to the Internet and customize Internet Explorer. This setting specifies that Internet explorer use the configuration settings provided in a file by the system administrator.
If you enable this policy setting, the user will not be able to do automatic configuration. You can import your current connection settings from your machine using Internet Explorer Maintenance under Admin Templates using group policy editor.
If you disable or do no configure this policy setting, the user will have the freedom to automatically configure these settings.</string>
<string id="IE_ExplainRestrictCache">Prevents users from changing the browser cache settings, such as the location and amount of disk space to use for the Temporary Internet Files folder.
If you enable this policy, the browser cache settings appear dimmed. These settings are found in the dialog box that appears when users click the General tab and then click the Settings button in the Internet Options dialog box.
If you disable this policy or do not configure it, users can change their cache settings.
If you set the "Disable the General page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), you do not need to set this policy, because the "Disable the General page" policy removes the General tab from the interface.</string>
<string id="IE_ExplainRestrictCalendarContact">Prevents users from changing the default programs for managing schedules and contacts.
If you enable this policy, the Calendar and Contact combo boxes appear dimmed in the Internet Programs area. To display these options, users open the Internet Options dialog box, and then click the Programs tab.
If you disable this policy or do not configure it, users can determine which programs to use for managing schedules and contacts, if programs that perform these tasks are installed.
This "Disable the Programs Page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel) takes precedence over this policy. If it is enabled, this policy is ignored.</string>
<string id="IE_ExplainRestrictCertificates">Prevents users from changing certificate settings in Internet Explorer. Certificates are used to verify the identity of software publishers.
If you enable this policy, the settings in the Certificates area on the Content tab in the Internet Options dialog box appear dimmed.
If you disable this policy or do not configure it, users can import new certificates, remove approved publishers, and change settings for certificates that have already been accepted.
The "Disable the Content page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), which removes the Content tab from Internet Explorer in Control Panel, takes precedence over this policy. If it is enabled, this policy is ignored.
Caution: If you enable this policy, users can still run the Certificate Manager Import Wizard by double-clicking a software publishing certificate (.spc) file. This wizard enables users to import and configure settings for certificates from software publishers that haven't already been configured for Internet Explorer.</string>
<string id="IE_ExplainRestrictCheckBrowser">Prevents Microsoft Internet Explorer from checking to see whether it is the default browser.
If you enable this policy, the Internet Explorer Should Check to See Whether It Is the Default Browser check box on the Programs tab in the Internet Options dialog box appears dimmed.
If you disable this policy or do not configure it, users can determine whether Internet Explorer will check to see if it is the default browser. When Internet Explorer performs this check, it prompts the user to specify which browser to use as the default.
This policy is intended for organizations that do not want users to determine which browser should be their default.
The "Disable the Programs page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), which removes the Programs tab from Internet Explorer in Control Panel, takes precedence over this policy. If it is enabled, this policy is ignored.</string>
<string id="IE_ExplainNotifyNotDefaultBrowser">This policy setting allows you to choose whether users will be notified if Internet Explorer is not the default web browser.
If you enable this policy setting, users will be notified if Internet Explorer is not the default web browser. Users cannot change the setting.
If you disable this policy setting, users will not be notified if Internet Explorer is not the default web browser. Users cannot change the setting.
If you do not configure this policy setting, users can choose whether to be notified that Internet Explorer is not the default web browser through the Tell me if Internet Explorer is not the default web browser check box on the Programs tab in the Internet Options dialog box. Note that starting with Internet Explorer 10 on Windows 8, the check box is located on the Advanced tab in the Internet Options dialog box. For more information, see "Group Policy Settings in Internet Explorer 10" in the Internet Explorer TechNet library.</string>
<string id="IE_ExplainRestrictColors">Prevents users from changing the default Web page colors.
If you enable this policy, the color settings for Web pages appear dimmed. The settings are located in the Colors area in the dialog box that appears when the user clicks the General tab and then clicks the Colors button in the Internet Options dialog box.
If you disable this policy or do not configure it, users can change the default background and text color of Web pages.
If you set the "Disable the General page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), you do not need to set this policy, because the "Disable the General page" policy removes the General tab from the interface.
Note: The default Web page colors are ignored on Web pages in which the author has specified the background and text colors.</string>
<string id="IE_ExplainRestrictConnectionSettings">Prevents users from changing dial-up settings.
If you enable this policy, the Settings button on the Connections tab in the Internet Options dialog box appears dimmed.
If you disable this policy or do not configure it, users can change their settings for dial-up connections.
If you set the "Disable the Connections page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), you do not need to set this policy, because the "Disable the Connections page" policy removes the Connections tab from the interface.</string>
<string id="IE_ExplainRestrictConnectionWizard">Prevents users from running the Internet Connection Wizard.
If you enable this policy, the Setup button on the Connections tab in the Internet Options dialog box appears dimmed.
Users will also be prevented from running the wizard by clicking the Connect to the Internet icon on the desktop or by clicking Start, pointing to Programs, pointing to Accessories, pointing to Communications, and then clicking Internet Connection Wizard.
If you disable this policy or do not configure it, users can change their connection settings by running the Internet Connection Wizard.
Note: This policy overlaps with the "Disable the Connections page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), which removes the Connections tab from the interface. Removing the Connections tab from the interface, however, does not prevent users from running the Internet Connection Wizard from the desktop or the Start menu.</string>
<string id="IE_ExplainRestrictFonts">Prevents users from changing font settings.
If you enable this policy, users will not be able to change font settings for viewing Web pages. All font settings visible after pressing the "Fonts" button on the General Tab in the Internet Options dialog box will be disabled.
If you disable this policy or do not configure it, users can change the default fonts for viewing Web pages.
If you set the "Disable the General page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), you do not need to set this policy, because the "Disable the General page" policy removes the General tab from the interface.
Note: The default font settings colors are ignored in cases in which the Web page author has specified the font attributes.</string>
<string id="IE_ExplainRestrictFormSuggest">This AutoComplete feature suggests possible matches when users are filling up forms.
If you enable this setting, the user is not suggested matches when filling forms. The user cannot change it.
If you disable this setting, the user is suggested possible matches when filling forms. The user cannot change it.
If you do not configure this setting, the user has the freedom to turn on the auto-complete feature for forms.
To display this option, the users open the Internet Options dialog box, click the Contents Tab and click the Settings button.</string>
<string id="IE_ExplainRestrictFormSuggestPW">This AutoComplete feature can remember and suggest User names and passwords on Forms.
If you enable this setting, the user cannot change "User name and passwords on forms" or "prompt me to save passwords". The Auto Complete feature for User names and passwords on Forms will be turned on. You have to decide whether to select "prompt me to save passwords".
If you disable this setting the user cannot change "User name and passwords on forms" or "prompt me to save passwords". The Auto Complete feature for User names and passwords on Forms is turned off. The user also cannot opt to be prompted to save passwords.
If you do not configure this setting, the user has the freedom of turning on Auto complete for User name and passwords on forms and the option of prompting to save passwords. To display this option, the users open the Internet Options dialog box, click the Contents Tab and click the Settings button.</string>
<string id="IE_ExplainRestrictHistory">This setting specifies the number of days that Internet Explorer tracks views of pages in the History List. To access the Temporary Internet Files and History Settings dialog box, from the Menu bar, on the Tools menu, click Internet Options, click the General tab, and then click Settings under Browsing history.
If you enable this policy setting, a user cannot set the number of days that Internet Explorer tracks views of the pages in the History List. You must specify the number of days that Internet Explorer tracks views of pages in the History List. Users can not delete browsing history.
If you disable or do not configure this policy setting, a user can set the number of days that Internet Explorer tracks views of pages in the History list. Users can delete browsing history.</string>
<string id="IE_ExplainRestrictHomePage">The Home page specified on the General tab of the Internet Options dialog box is the default Web page that Internet Explorer loads whenever it is run.
If you enable this policy setting, a user cannot set a custom default home page. You must specify which default home page should load on the user machine. For machines with at least Internet Explorer 7, the home page can be set within this policy to override other home page policies.
If you disable or do not configure this policy setting, the Home page box is enabled and users can choose their own home page.</string>
<string id="IE_ExplainRestrictLanguages">Prevents users from changing language preference settings.
If you enable this policy, users will not be able to set language preferences to read websites. Language preference settings visible after pressing the "Languages" button on the General Tab in the Internet Options dialog box will be disabled.
If you disable this policy or do not configure it, users can change the language preference settings for viewing Web sites for languages in which the character set has been installed.
If you set the "Disable the General page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), you do not need to set this policy, because the "Disable the General page" policy removes the General tab from the interface.</string>
<string id="IE_ExplainRestrictLinks">Prevents users from changing the colors of links on Web pages.
If you enable this policy, the color settings for links appear dimmed. The settings are located in the Links area of the dialog box that appears when users click the General tab and then click the Colors button in the Internet Options dialog box.
If you disable this policy or do not configure it, users can change the default color of links on Web pages.
If you set the "Disable the General page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), you do not need to set this policy, because the "Disable the General page" policy removes the General tab from the interface.
Note: The default link colors are ignored on Web pages on which the author has specified link colors.</string>
<string id="IE_ExplainRestrictMessaging">Prevents users from changing the default programs for messaging tasks.
If you enable this policy, the E-mail, Newsgroups, and Internet Call options in the Internet Programs area appear dimmed. To display these options, users open the Internet Options dialog box, and then click the Programs tab.
If you disable this policy or do not configure it, users can determine which programs to use for sending mail, viewing newsgroups, and placing Internet calls, if programs that perform these tasks are installed.
The "Disable the Programs page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), which removes the Programs tab from Internet Explorer in Control Panel, takes precedence over this policy. If it is enabled, this policy is ignored.</string>
<string id="IE_ExplainRestrictPopupExceptionList">You can allow pop-ups from specific websites by adding the sites to the exception list.
If you enable this policy setting, the user cannot add websites to or remove websites from the exception list.
If you disable or do not configure this policy setting, the user can add websites to or remove websites from the exception list.
Note: You can allow a default list of sites that can open pop-up windows regardless of the Internet Explorer process's Pop-Up Blocker settings by enabling the "Specify pop-up allow list" policy setting.</string>
<string id="IE_ExplainRestrictPopupManagement">This policy setting allows you to manage pop-up management functionality in Internet Explorer.
If you enable this policy setting, the Control Panel information relating to pop-up management will be unavailable (grayed out) and all other pop-up manager controls, notifications, and dialog boxes will not appear. Pop-up windows will continue to function as they did in Windows XP Service Pack 1 or earlier, although windows launched off screen will continue to be re-positioned onscreen.
If you disable or do not configure this policy setting, the popup management feature will be functional.</string>
<string id="IE_ExplainRestrictProfiles">Prevents users from changing Profile Assistant settings.
If you enable this policy, the My Profile button appears dimmed in the Personal Information area on the Content tab in the Internet Options dialog box.
If you disable this policy or do not configure it, users can change their profile information, such as their street and e-mail addresses.
The "Disable the Content page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), which removes the Content tab from Internet Explorer in Control Panel, takes precedence over this policy. If it is enabled, this policy is ignored.</string>
<string id="IE_ExplainRestrictProxy">This policy setting specifies if a user can change proxy settings.
If you enable this policy setting, the user will not be able to configure proxy settings.
If you disable or do not configure this policy setting, the user can configure proxy settings.</string>
<string id="IE_ExplainRestrictRatings">Prevents users from changing ratings that help control the type of Internet content that can be viewed.
If you enable this policy, the settings in the Content Advisor area on the Content tab in the Internet Options dialog box appear dimmed.
If you disable this policy or do not configure it, users can change their ratings settings.
The "Disable the Ratings page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), which removes the Ratings tab from Internet Explorer in Control Panel, takes precedence over this policy. If it is enabled, this policy is ignored.</string>
<string id="IE_ExplainRestrictResetWebSettings">Prevents users from restoring default settings for home and search pages.
If you enable this policy, the Reset Web Settings button on the Programs tab in the Internet Options dialog box appears dimmed.
If you disable this policy or do not configure it, users can restore the default settings for home and search pages.
The "Disable the Programs page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), which removes the Programs tab from Internet Explorer in Control Panel, takes precedence over this policy. If it is enabled, this policy is ignored.</string>
<string id="IE_ExplainRestrictSettings">This policy setting is used to manage temporary Internet files and cookies associated with your Internet browsing history, available by clicking Tools, Internet Options, and then Delete Browsing History in Internet Explorer.
If you enable this policy setting, users will not be able to delete temporary Internet files and cookies.
If you disable or do not configure this policy setting, users will be able to delete temporary Internet files and cookies.</string>
<string id="IE_ExplainRestrictWebAddressSuggest">This AutoComplete feature suggests possible matches when users are entering Web addresses in the browser address bar.
If you enable this policy setting, user will not be suggested matches when entering Web addresses. The user cannot change the auto-complete for web-address setting.
If you disable this policy setting, user will be suggested matches when entering Web addresses. The user cannot change the auto-complete for web-address setting.
If you do not configure this policy setting, a user will have the freedom to choose to turn the auto-complete setting for web-addresses on or off.</string>
<string id="IE_ExplainRestrictWSAutoComplete">This policy setting allows you to prevent Windows Search AutoComplete from providing results in the Internet Explorer Address bar.
Windows Search AutoComplete suggests possible matches when a user is entering a web address in the browser Address bar. This feature provides more relevant results in the browser Address bar.
If you enable this policy setting, Internet Explorer does not use Windows Search AutoComplete for providing relevant results in the Address bar. The user cannot change this setting.
If you disable this policy setting, Internet Explorer uses Windows Search AutoComplete to provide relevant results in the Address bar. The user cannot change this setting.
If you do not configure this policy setting, the user can choose to turn the Use Windows Search setting on or off.
Note: If you enable this policy setting, feeds do not appear in the Address bar. This does not affect subscribing to feeds and interacting with them through the Favorites Center.</string>
<string id="IE_ExplainRestrictDomainSuggestion">This policy setting turns off URL Suggestions. URL Suggestions allow users to autocomplete URLs in the address bar based on common URLs. The list of common URLs is stored locally and is updated once a month. No user data is sent over the internet by this feature.
If you enable this policy setting, URL Suggestions will be turned off. Users will not be able to turn on URL Suggestions.
If you disable this policy setting, URL Suggestions will be turned on. Users will not be able to turn off URL Suggestions.
If you do not configure this policy setting, URL Suggestions will be turned on. Users will be able to turn on or turn off URL Suggestions in the Internet Options dialog. By default, URL Suggestions are turned on.</string>
<string id="IE_ExplainScriptlet">Designates Microsoft Scriptlet Component as an administrator approved control. It is an Active X control which is used to render HTML pages.
If you enable this policy, this control can be run in security zones in which you specify that administrator-approved controls can be run.
If you disable this policy or do not configure it, this control will not be designated as administrator-approved.
To specify how administrator-approved controls are handled for each security zone, carry out the following steps:
1. In Group Policy, click User Configuration, click Internet Explorer Maintenance, and then click Security.
2. Double-click Security Zones and Content Ratings, click Import the Current Security Zones Settings, and then click Modify Settings.
3. Select the content zone in which you want to manage ActiveX controls, and then click Custom Level.
4. In the Run ActiveX Controls and Plug-ins area, click Administrator Approved.</string>
<string id="IE_ExplainSearch_NoFindFiles">Disables using the F3 key to search in Internet Explorer and File Explorer.
If you enable this policy, the search functionality of the F3 key is disabled. Users cannot press F3 to search the Internet (from Internet Explorer) or to search the hard disk (from File Explorer). If the user presses F3, a prompt appears that informs the user that this feature has been disabled.
If you disable this policy or do not configure it, users can press F3 to search the Internet (from Internet Explorer) or the hard disk (from File Explorer).
This policy is intended for situations in which administrators do not want users to explore the Internet or the hard disk.
This policy can be used in coordination with the "File Menu: Disable Open menu option" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Browser Menus), which prevents users from opening files by using the browser.</string>
<string id="IE_ExplainSecurity_HKLM_only">Applies security zone information to all users of the same computer. A security zone is a group of Web sites with the same security level.
If you enable this policy, changes that the user makes to a security zone will apply to all users of that computer.
If you disable this policy or do not configure it, users of the same computer can establish their own security zone settings.
This policy is intended to ensure that security zone settings apply uniformly to the same computer and do not vary from user to user.
Also, see the "Security zones: Do not allow users to change policies" policy.</string>
<string id="IE_ExplainSecurity_options_edit">Prevents users from changing security zone settings. A security zone is a group of Web sites with the same security level.
If you enable this policy, the Custom Level button and security-level slider on the Security tab in the Internet Options dialog box are disabled.
If you disable this policy or do not configure it, users can change the settings for security zones.
This policy prevents users from changing security zone settings established by the administrator.
Note: The "Disable the Security page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), which removes the Security tab from Internet Explorer in Control Panel, takes precedence over this policy. If it is enabled, this policy is ignored.
Also, see the "Security zones: Use only machine settings" policy.</string>
<string id="IE_ExplainSecurity_zones_map_edit">Prevents users from adding or removing sites from security zones. A security zone is a group of Web sites with the same security level.
If you enable this policy, the site management settings for security zones are disabled. (To see the site management settings for security zones, in the Internet Options dialog box, click the Security tab, and then click the Sites button.)
If you disable this policy or do not configure it, users can add Web sites to or remove sites from the Trusted Sites and Restricted Sites zones, and alter settings for the Local Intranet zone.
This policy prevents users from changing site management settings for security zones established by the administrator.
Note: The "Disable the Security page" policy (located in \User Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel), which removes the Security tab from the interface, takes precedence over this policy. If it is enabled, this policy is ignored.
Also, see the "Security zones: Use only machine settings" policy.</string>
<string id="IE_ExplainSecurityPage_AutoDetect">This policy setting enables intranet mapping rules to be applied automatically if the computer belongs to a domain.
If you enable this policy setting, automatic detection of the intranet is turned on, and intranet mapping rules are applied automatically if the computer belongs to a domain.
If you disable this policy setting, automatic detection of the intranet is turned off, and intranet mapping rules are applied however they are configured.
If this policy setting is not configured, the user can choose whether or not to automatically detect the intranet through the intranet settings dialog in Control Panel.</string>
<string id="IE_ExplainSecurityPage_WarnOnIntranet">This policy setting causes a Notification bar notification to appear when intranet content is loaded and the intranet mapping rules have not been configured. The Notification bar allows the user to enable intranet mappings, if they require them.
If you enable this policy setting, a Notification bar notification appears whenever the user browses to a page that loads content from an intranet site.
If you disable this policy setting, a Notification bar notification does not appear when the user loads content from an intranet site that is being treated as though it is in the Internet zone.
If this policy setting is not configured, a Notification bar notification appears for intranet content loaded on a browser on a computer that is not a domain member, until the user turns off the Notification bar.</string>
<string id="IE_ExplainShellNotifications">Specifies that programs using the Microsoft Software Distribution Channel will not notify users when they install new components. The Software Distribution Channel is a means of updating software dynamically on users' computers by using Open Software Distribution (.osd) technologies.
If you enable this policy, users will not be notified if their programs are updated using Software Distribution Channels.
If you disable this policy or do not configure it, users will be notified before their programs are updated.
This policy is intended for administrators who want to use Software Distribution Channels to update their users' programs without user intervention.</string>
<string id="IE_ExplainSpecificSearchProvider">This policy setting allows you to restrict the search providers that appear in the Search box in Internet Explorer to those defined in the list of policy keys for search providers (found under [HKCU or HKLM\Software\policies\Microsoft\Internet Explorer\SearchScopes]). Normally, search providers can be added from third-party toolbars or in Setup, but the user can also add them from a search provider's website.
If you enable this policy setting, the user cannot configure the list of search providers on his or her computer, and any default providers installed do not appear (including providers installed from other applications). The only providers that appear are those in the list of policy keys for search providers. Note: This list can be created through a custom administrative template file. For information about creating this custom administrative template file, see the Internet Explorer documentation on search providers.
If you disable or do not configure this policy setting, the user can configure his or her list of search providers.</string>
<string id="IE_ExplainSQM_DisableCEIP">This policy setting prevents the user from participating in the Customer Experience Improvement Program (CEIP).
If you enable this policy setting, the user cannot participate in the CEIP, and the Customer Feedback Options command does not appear on the Help menu.
If you disable this policy setting, the user must participate in the CEIP, and the Customer Feedback Options command does not appear on the Help menu.
If you do not configure this policy setting, the user can choose to participate in the CEIP.</string>
<string id="IE_ExplainSurvey">Designates Microsoft Survey Control as an administrator approved control.
If you enable this policy, this control can be run in security zones in which you specify that administrator-approved controls can be run.
If you disable this policy or do not configure it, this control will not be designated as administrator-approved.
To specify how administrator-approved controls are handled for each security zone, carry out the following steps:
1. In Group Policy, click User Configuration, click Internet Explorer Maintenance, and then click Security.
2. Double-click Security Zones and Content Ratings, click Import the Current Security Zones Settings, and then click Modify Settings.
3. Select the content zone in which you want to manage ActiveX controls, and then click Custom Level.
4. In the Run ActiveX Controls and Plug-ins area, click Administrator Approved.</string>
<string id="IE_ExplainTabOpenInFgBg">This policy setting allows you to configure how new tabs are created by default in Internet Explorer.
If you enable this policy setting, the user cannot configure how new tabs are created by default. You must specify whether tabs should open in the foreground or in the background. The user cannot open the tabs in the background by pressing Ctrl+Shift+Select or open the tabs in the foreground by pressing Ctrl+Shift+Select.
If you disable or do not configure this policy setting, the user can configure how new tabs are created by default.</string>
<string id="IE_ExplainToolbarButtons">Specifies which buttons will be displayed on the standard toolbar in Microsoft Internet Explorer.
If you enable this policy, you can specify whether or not each button will be displayed by selecting or clearing the check boxes for each button.
If you disable this policy or do not configure it, the standard toolbar will be displayed with its default settings, unless users customize it.</string>
<string id="IE_ExplainToolbarsCategory">Contains settings to allow and restrict users from editing the toolbars in Internet Explorer. Administrators can also set the default toolbar buttons.</string>
<string id="IE_ExplainTools_Menu">Prevents users from opening the Internet Options dialog box from the Tools menu in Microsoft Internet Explorer.
If you enable this policy, users cannot change their Internet options, such as default home page, cache size, and connection and proxy settings, from the browser Tools menu. When users click the Internet Options command on the Tools menu, they are informed that the command is unavailable.
If you disable this policy or do not configure it, users can change their Internet settings from the browser Tools menu.
Caution: This policy does not prevent users from viewing and changing Internet settings by clicking the Internet Options icon in Windows Control Panel.
Also, see policies for Internet options in the \Administrative Templates\Windows Components\Internet Explorer and in \Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel folders.</string>
<string id="IE_ExplainUserProxy">Applies proxy settings to all users of the same computer.
If you enable this policy, users cannot set user-specific proxy settings. They must use the zones created for all users of the computer.
If you disable this policy or do not configure it, users of the same computer can establish their own proxy settings.
This policy is intended to ensure that proxy settings apply uniformly to the same computer and do not vary from user to user.</string>
<string id="IE_ExplainView_NoTheaterMode">Prevents users from displaying the browser in full-screen (kiosk) mode, without the standard toolbar.
If you enable this policy, the Full Screen command on the View menu will appear dimmed, and pressing F11 will not display the browser in a full screen.
If you disable this policy or do not configure it, users can display the browser in a full screen.
This policy is intended to prevent users from displaying the browser without toolbars, which might be confusing for some beginning users.</string>
<string id="IE_ExplainView_NoViewSource">Prevents users from viewing the HTML source of Web pages by clicking the Source command on the View menu.
If you enable this policy, the Source command on the View menu will appear dimmed.
If you disable this policy or do not configure it, then users can view the HTML source of Web pages from the browser View menu.
Caution: This policy does not prevent users from viewing the HTML source of a Web page by right-clicking a Web page to open the shortcut menu, and then clicking View Source. To prevent users from viewing the HTML source of a Web page from the shortcut menu, set the "Turn off Shortcut Menu" policy, which disables the entire shortcut menu.</string>
<string id="IEDecide">Let Internet Explorer decide</string>
<string id="IESF_AddOnManagement">Add-on Management</string>
<string id="IESF_AddOnManagement_AllProcs_Explain">This policy setting allows you to manage whether processes respect add-on management user preferences (as reflected by Add-on Manager) or policy settings. By default, any process other than the Internet Explorer processes or those listed in the 'Process List' policy setting ignore add-on management user preferences and policy settings.
If you enable this policy setting, all processes will respect add-on management user preferences and policy settings.
If you disable or do not configure this policy setting, all processes will not respect add-on management user preferences or policy settings.</string>
<string id="IESF_AddOnManagement_ProcList_Explain">This policy setting allows you to manage whether the listed processes respect add-on management user preferences (as entered into Add-on Manager) or policy settings. By default, only Internet Explorer processes use the add-on management user preferences and policy settings. This policy setting allows you to extend support for these user preferences and policy settings to specific processes listed in the process list.
If you enable this policy setting and enter a Value of 1, the process entered will respect the add-on management user preferences and policy settings. If you enter a Value of 0, the add-on management user preferences and policy settings are ignored by the specified process. The Value Name is the name of the executable. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.
Do not enter Internet Explorer processes in this list because these processes always respect add-on management user preferences and policy settings. If the All Processes policy setting is enabled, the processes configured in this policy setting take precedence over that setting.
If you do not configure this policy, processes other than the Internet Explorer processes will not be affected by add-on management user preferences or policy settings (unless "All Processes" is enabled).</string>
<string id="IESF_CategoryAJAX">AJAX</string>
<string id="IESF_CategoryBinaryBehaviorSecurityRestriction">Binary Behavior Security Restriction</string>
<string id="IESF_CategoryConsistentMimeHandling">Consistent Mime Handling</string>
<string id="IESF_CategoryInformationBar">Notification bar</string>
<string id="IESF_CategoryLocalMachineZoneLockdownSecurity">Local Machine Zone Lockdown Security</string>
<string id="IESF_CategoryMimeSniffingSafetyFeature">Mime Sniffing Safety Feature</string>
<string id="IESF_CategoryMKProtocolSecurityRestriction">MK Protocol Security Restriction</string>
<string id="IESF_CategoryNetworkProtocolLockdown">Network Protocol Lockdown</string>
<string id="IESF_CategoryObjectCachingProtection">Object Caching Protection</string>
<string id="IESF_CategoryProtectionFromZoneElevation">Protection From Zone Elevation</string>
<string id="IESF_CategoryRestrictActiveXInstall">Restrict ActiveX Install</string>
<string id="IESF_CategoryRestrictFileDownload">Restrict File Download</string>
<string id="IESF_CategoryScriptedWindowSecurityRestrictions">Scripted Window Security Restrictions</string>
<string id="IESF_DisableXMLHTTP">Allow native XMLHTTP support</string>
<string id="IESF_ExplainAJAX">Technologies that enable communications between clients and server and/or cross domain communications.</string>
<string id="IESF_Explain_BinaryBehaviorAdminAllow">For each zone, the Binary and Scripted Behavior security restrictions may be configured to allow only a list of admin-approved behaviors. This list may be configured here, and applies to all processes which have opted in to the behavior, and to all zones. (Behaviors are components that encapsulate specific functionality or behavior on a page.)
If you enable this policy setting, this sets the list of behaviors permitted in each zone for which Script and Binary Behaviors is set to 'admin-approved'. Behaviors must be entered in #package#behavior notation, e.g., #default#vml.
If you disable this policy setting, no behaviors will be allowed in zones set to 'admin-approved', just as if those zones were set to 'disable'.
If you do not configure this policy setting, only VML will be allowed in zones set to 'admin-approved'.
Note. If this policy is set in both Computer Configuration and User Configuration, both lists of behaviors will be allowed as appropriate.</string>
<string id="IESF_ExplainAddOnManagementCategory">Internet Explorer allows users and administrators to decide which add-ons are permitted to load. Applications hosting the Web Browser Control can be configured to respect the same settings as Internet Explorer.</string>
<string id="IESF_ExplainBinaryBehaviorSecurityRestriction_AllProcs_Explain">Internet Explorer contains dynamic binary behaviors: components that encapsulate specific functionality for the HTML elements to which they are attached. This policy setting controls whether the Binary Behavior Security Restriction setting is prevented or allowed.
If you enable this policy setting, binary behaviors are prevented for all processes. Any use of binary behaviors for HTML rendering is blocked.
If you disable or do not configure this policy setting, binary behaviors are allowed for all processes.</string>
<string id="IESF_ExplainBinaryBehaviorSecurityRestriction_IE_Explain">Internet Explorer contains dynamic binary behaviors: components that encapsulate specific functionality for the HTML elements to which they are attached. This policy setting controls whether the Binary Behavior Security Restriction setting is prevented or allowed.
If you enable this policy setting, binary behaviors are prevented for the File Explorer and Internet Explorer processes.
If you disable this policy setting, binary behaviors are allowed for the File Explorer and Internet Explorer processes.
If you do not configure this policy setting, binary behaviors are prevented for the File Explorer and Internet Explorer processes.</string>
<string id="IESF_ExplainBinaryBehaviorSecurityRestriction_ProcList_Explain">Internet Explorer contains dynamic binary behaviors: components that encapsulate specific functionality for the HTML elements to which they are attached. This policy setting controls whether the Binary Behavior Security Restriction setting is prevented or allowed.
This policy setting allows administrators to define applications for which they want this security feature to be prevented or allowed.
If you enable this policy setting and enter a Value of 1 binary behaviors are prevented. If you enter a Value of 0 binary behaviors are allowed. The Value Name is the name of the executable. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.
Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable IE processes. If the All Processes policy setting is enabled, the processes configured in this box take precedence over that setting.
If you disable or do not configure this policy setting, the security feature is allowed.</string>
<string id="IESF_ExplainBinaryBehaviorSecurityRestrictionCategory">Internet Explorer contains dynamic binary behaviors: components that encapsulate specific functionality for HTML elements to which they were attached. These binary behaviors are not controlled by any pages in zones such as Restricted Sites. In Windows XP Service Pack 2, there is a new Internet Explorer security setting for binary behaviors. This new binary behaviors security setting provides a general mitigation to vulnerabilities in Internet Explorer binary behaviors, and disables any binary behaviors for HTML rendering from the Restricted Sites zone by default.</string>
<string id="IESF_ExplainConsistentMimeHandling_AllProcs_Explain">Internet Explorer uses Multipurpose Internet Mail Extensions (MIME) data to determine file handling procedures for files received through a Web server.
This policy setting determines whether Internet Explorer requires that all file-type information provided by Web servers be consistent. For example, if the MIME type of a file is text/plain but the MIME sniff indicates that the file is really an executable file, Internet Explorer renames the file by saving it in the Internet Explorer cache and changing its extension.
If you enable this policy setting, Consistent Mime Handling is enabled for all processes.
If you disable or do not configure this policy setting, Consistent Mime Handling is prevented for all processes.</string>
<string id="IESF_ExplainConsistentMimeHandling_IE_Explain">Internet Explorer uses Multipurpose Internet Mail Extensions (MIME) data to determine file handling procedures for files received through a Web server.
This policy setting determines whether Internet Explorer requires that all file-type information provided by Web servers be consistent. For example, if the MIME type of a file is text/plain but the MIME sniff indicates that the file is really an executable file, Internet Explorer renames the file by saving it in the Internet Explorer cache and changing its extension.
If you enable this policy setting, Internet Explorer requires consistent MIME data for all received files.
If you disable this policy setting, Internet Explorer will not require consistent MIME data for all received files.
If you do not configure this policy setting, Internet Explorer requires consistent MIME data for all received files.</string>
<string id="IESF_ExplainConsistentMimeHandling_ProcList_Explain">Internet Explorer uses Multipurpose Internet Mail Extensions (MIME) data to determine file handling procedures for files received through a Web server.
This policy setting determines whether Internet Explorer requires that all file-type information provided by Web servers be consistent. For example, if the MIME type of a file is text/plain but the MIME sniff indicates that the file is really an executable file, Internet Explorer renames the file by saving it in the Internet Explorer cache and changing its extension.
This policy setting allows administrators to define applications for which they want this security feature to be prevented or allowed.
If you enable this policy setting and enter a Value of 1, MIME handling is in effect. If you enter a Value of 0 file-type information is allowed to be inconsistent. The Value Name is the name of the executable. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.
Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable IE processes. If the All Processes policy setting is enabled, the processes configured in this box take precedence over that setting.
If you disable or do not configure this policy setting, the security feature is allowed.</string>
<string id="IESF_ExplainConsistentMimeHandlingCategory">Internet Explorer uses Multipurpose Internet Mail Extensions (MIME) type information to decide how to handle files that have been sent by a Web server. For example, when there is a Hypertext Transfer Protocol (HTTP) request for .jpg files, on receipt are generally displayed to the user in an Internet Explorer window. If Internet Explorer receives an executable file, Internet Explorer generally prompted the user for how to handle the file.
In Windows XP Service Pack 2, Internet Explorer follows stricter rules that are designed to reduce the attack surface for spoofing the Internet Explorer MIME-handling logic.
When files are served to the client, Internet Explorer uses the following pieces of information to decide how to handle the file:
- File name extension
- Content-Type from the HTTP header (MIME type)
- Content-Disposition from the HTTP header
- Results of the MIME sniff
In Windows XP Service Pack 2, Internet Explorer requires that all file-type information that is provided by Web servers is consistent. For example, if the MIME type of a file is "text/plain" but the MIME sniff indicates that the file is really an executable file, Internet Explorer renames the file by saving the file in the Internet Explorer cache and changes its extension. (In a MIME sniff, Internet Explorer examines, or sniffs, a file to recognize the bit signatures of certain types of files.)</string>
<string id="IESF_ExplainDisableXMLHTTP">This policy setting allows the user to run natively implemented, scriptable XMLHTTP.
If you enable this policy setting, the user can run natively implemented, scriptable XMLHTTP.
If you disable this policy setting, the user cannot run natively implemented, scriptable XMLHTTP.
If you do not configure this policy setting, the user can choose to run natively implemented, scriptable XMLHTTP.</string>
<string id="IESF_ExplainInformationBar_AllProcs_Explain">This policy setting allows you to manage whether the Notification bar is displayed for processes other than the Internet Explorer processes when file or code installs are restricted. By default, the Notification bar is not displayed for any process when file or code installs are restricted (except for the Internet Explorer Processes, for which the Notification bar is displayed by default).
If you enable this policy setting, the Notification bar will be displayed for all processes.
If you disable or do not configure this policy setting, the Notification bar will not be displayed for all processes other than Internet Explorer or those listed in the Process List.</string>
<string id="IESF_ExplainInformationBar_IE_Explain">This policy setting allows you to manage whether the Notification bar is displayed for Internet Explorer processes when file or code installs are restricted. By default, the Notification bar is displayed for Internet Explorer processes.
If you enable this policy setting, the Notification bar will be displayed for Internet Explorer Processes.
If you disable this policy setting, the Notification bar will not be displayed for Internet Explorer processes.
If you do not configure this policy setting, the Notification bar will be displayed for Internet Explorer Processes.</string>
<string id="IESF_ExplainInformationBar_ProcList_Explain">This policy setting allows you to manage whether the Notification bar is displayed for specific processes when file or code installs are restricted. By default, the Notification bar is not displayed for any process when file or code installs are restricted (except for the Internet Explorer Processes, for which the Notification bar is displayed by default).
If you enable this policy setting and enter a Value of 1, the Notification bar is displayed. If you enter a Value of 0 the Notification bar is not displayed. The Value Name is the name of the executable. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.
Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable for IE processes. If the All Processes policy setting is enabled, the processes configured in this box take precedence over that setting.
If you disable or do not configure this policy setting, the Notification bar is not displayed for the specified processes.</string>
<string id="IESF_ExplainInformationBarCategory">Enables applications hosting the Web Browser Control to automatically show the Notification bar when file downloads or code installs are restricted.</string>
<string id="IESF_ExplainLocalMachineZoneLockdownSecurity_AllProcs_Explain">Internet Explorer places zone restrictions on each Web page it opens, which are dependent upon the location of the Web page (Internet, Intranet, Local Machine zone, etc.). Web pages on the local computer have the fewest security restrictions and reside in the Local Machine zone.
Local Machine zone security applies to all local files and content. This feature helps to mitigate attacks where the Local Machine zone is used as an attack vector to load malicious HTML code.
If you enable this policy setting, the Local Machine zone security applies to all local files and content processed by any process other than Internet Explorer or those defined in a process list.
If you disable or do not configure this policy setting, Local Machine zone security is not applied to local files or content processed by any process other than Internet Explorer or those defined in a process list.</string>
<string id="IESF_ExplainLocalMachineZoneLockdownSecurity_IE_Explain">Internet Explorer places zone restrictions on each Web page it opens, which are dependent upon the location of the Web page (Internet, Intranet, Local Machine zone, etc.). Web pages on the local computer have the fewest security restrictions and reside in the Local Machine zone.
Local Machine zone security applies to all local files and content processed by Internet Explorer. This feature helps to mitigate attacks where the Local Machine zone is used as an attack vector to load malicious HTML code.
If you enable this policy setting, the Local Machine zone security applies to all local files and content processed by Internet Explorer.
If you disable this policy setting, Local Machine zone security is not applied to local files or content processed by Internet Explorer.
If you do not configure this policy setting, the Local Machine zone security applies to all local files and content processed by Internet Explorer.</string>
<string id="IESF_ExplainLocalMachineZoneLockdownSecurity_ProcList_Explain">Internet Explorer places zone restrictions on each Web page it opens, which are dependent upon the location of the Web page (Internet, Intranet, Local Machine zone, and so on). Web pages on the local computer have the fewest security restrictions and reside in the Local Machine zone.
Local Machine zone security applies to all local files and content. This feature helps to mitigate attacks where the Local Machine zone is used as an attack vector to load malicious HTML code.
If you enable this policy setting and enter a value of 1, Local Machine Zone security applies. If you enter a value of 0, Local Machine Zone security does not apply. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.
Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable IE processes. If the All Processes policy setting is enabled, the processes configured in this box take precedence over that setting.
If you disable or do not configure this policy setting, the security feature is allowed.</string>
<string id="IESF_ExplainLocalMachineZoneLockdownSecurityCategory">When Internet Explorer opens a Web page, it places restrictions on what the page can do, based on the location of the Web page. For example, Web pages that are located on the Internet might not be able to perform some operations, such as accessing information from the local hard drive.
On the other hand, Web pages on the local computer are in the Local Machine zone, where they have the fewest security restrictions. The Local Machine zone is an Internet Explorer security zone, but is not displayed in the settings for Internet Explorer. The Local Machine zone allows Web content to run with fewer restrictions. Unfortunately, attackers also try to take advantage of the Local Machine zone to elevate their privileges and compromise a computer.
In Windows XP Service Pack 2, all local files and content that is processed by Internet Explorer has the security of the Local Machine zone applied to it. This differs from previous versions, where local content was considered to be secure and had no zone-based security was placed on it.
This feature dramatically restricts HTML in the Local Machine zone and controls running in the Local Machine Zone. This helps to mitigate attacks where the Local Machine zone is used as an attack vector to load malicious code.</string>
<string id="IESF_ExplainMimeSniffingSafetyFeature_AllProcs_Explain">This policy setting determines whether Internet Explorer MIME sniffing will prevent promotion of a file of one type to a more dangerous file type.
If you enable this policy setting, the Mime Sniffing Safety Feature is enabled for all processes.
If you disable or do not configure this policy setting, the Mime Sniffing Safety Feature is disabled for all processes.</string>
<string id="IESF_ExplainMimeSniffingSafetyFeature_IE_Explain">This policy setting determines whether Internet Explorer MIME sniffing will prevent promotion of a file of one type to a more dangerous file type.
If you enable this policy setting, MIME sniffing will never promote a file of one type to a more dangerous file type.
If you disable this policy setting, Internet Explorer processes will allow a MIME sniff promoting a file of one type to a more dangerous file type.
If you do not configure this policy setting, MIME sniffing will never promote a file of one type to a more dangerous file type.</string>
<string id="IESF_ExplainMimeSniffingSafetyFeature_ProcList_Explain">This policy setting determines whether Internet Explorer MIME sniffing will prevent promotion of a file of one type to a more dangerous file type.
This policy setting allows administrators to define applications for which they want this security feature to be prevented or allowed.
If you enable this policy setting and enter a Value of 1, this protection will be in effect. If you enter a Value of 0, any file may be promoted to more dangerous file types. The Value Name is the name of the executable. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.
Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable IE processes. If the All Processes policy setting is enabled, the processes configured in this box take precedence over that setting.
If you disable or do not configure this policy setting, the security feature is allowed.</string>
<string id="IESF_ExplainMimeSniffingSafetyFeatureCategory">One of the backup criteria for determining a file type is the result of the MIME sniff. By examining (or sniffing) a file, Internet Explorer can recognize the bit signatures of certain types of files. In Windows XP Service Pack 2, Internet Explorer MIME sniffing will never promote a file of one type to a more dangerous file type. For example, files that are received as plain text but that include HTML code will not be promoted to the HTML type, which could contain malicious code.
In the absence of other file type information, the MIME sniff might be the only information that determines how to handle a given file download. If, for instance, Internet Explorer upgrades a text file to an HTML file, the file might execute code from the browser and possibly elevate the file's security privilege.
Settings note: this feature can be turned off by zone in IE security zones settings.</string>
<string id="IESF_ExplainMKProtocolSecurityRestriction_AllProcs_Explain">The MK Protocol Security Restriction policy setting reduces attack surface area by preventing the MK protocol. Resources hosted on the MK protocol will fail.
If you enable this policy setting, the MK Protocol is disabled for all processes. Any use of the MK Protocol is blocked.
If you disable or do not configure this policy setting, the MK Protocol is enabled.</string>
<string id="IESF_ExplainMKProtocolSecurityRestriction_IE_Explain">The MK Protocol Security Restriction policy setting reduces attack surface area by preventing the MK protocol. Resources hosted on the MK protocol will fail.
If you enable this policy setting, the MK Protocol is prevented for File Explorer and Internet Explorer, and resources hosted on the MK protocol will fail.
If you disable this policy setting, applications can use the MK protocol API. Resources hosted on the MK protocol will work for the File Explorer and Internet Explorer processes.
If you do not configure this policy setting, the MK Protocol is prevented for File Explorer and Internet Explorer, and resources hosted on the MK protocol will fail.</string>
<string id="IESF_ExplainMKProtocolSecurityRestriction_ProcList_Explain">The MK Protocol Security Restriction policy setting reduces attack surface area by preventing the MK protocol. Resources hosted on the MK protocol will fail.
This policy setting allows administrators to define applications for which they want this security feature to be prevented or allowed.
If you enable this policy setting and enter a Value of 1, use of the MK protocol is prevented. If you enter a Value of 0, use of the MK protocol is allowed. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.
Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable IE processes. If the All Processes policy setting is enabled, the processes configured in this box take precedence over that setting.
If you disable or do not configure this policy setting, the policy setting is ignored.</string>
<string id="IESF_ExplainMKProtocolSecurityRestrictionCategory">In a reduction of attack surface, retired protocols are no longer supported. This feature disables the MK protocol. Resources hosted on the MK protocol will fail. Some legacy middleware apps may use this API, and this registry key can be set to allow them to continue to use it.</string>
<string id="IESF_ExplainNetworkProtocolLockdown_AllProcs_Explain">Internet Explorer may be configured to prevent active content obtained through restricted protocols from running in an unsafe manner. This policy setting controls whether restricting content obtained through restricted protocols is prevented or allowed.
If you enable this policy setting, restricting content obtained through restricted protocols is allowed for all processes other than File Explorer or Internet Explorer.
If you disable this policy setting, restricting content obtained through restricted protocols is prevented for all processes other than File Explorer or Internet Explorer.
If you do not configure this policy setting, no policy is enforced for processes other than File Explorer and Internet Explorer.</string>
<string id="IESF_ExplainNetworkProtocolLockdown_IE_Explain">File Explorer and Internet Explorer may be configured to prevent active content obtained through restricted protocols from running in an unsafe manner. This policy setting controls whether restricting content obtained through restricted protocols is prevented or allowed.
If you enable this policy setting, restricting content obtained through restricted protocols is allowed for File Explorer and Internet Explorer processes. For example, you can restrict active content from pages served over the http and https protocols by adding the value names http and https.
If you disable this policy setting, restricting content obtained through restricted protocols is prevented for File Explorer and Internet Explorer processes.
If you do not configure this policy setting, the policy setting is ignored.</string>
<string id="IESF_ExplainNetworkProtocolLockdown_ProcList_Explain">Internet Explorer may be configured to prevent active content obtained through restricted protocols from running in an unsafe manner. This policy setting controls whether restricting content obtained through restricted protocols is prevented or allowed.
This policy setting allows administrators to define applications for which they want restricting content obtained through restricted protocols to be prevented or allowed.
If you enable this policy setting and enter a Value of 1, restricting content obtained through restricted protocols is allowed. If you enter a Value of 0, restricting content obtained through restricted protocols is blocked. The Value Name is the name of the executable. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.
Do not enter the File Explorer or Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable these processes. If the All Processes policy setting is enabled, the processes configured in this box take precedence over that setting.
If you disable or do not configure this policy setting, the security feature is allowed.</string>
<string id="IESF_ExplainNetworkProtocolLockdownCategory">In File Explorer, Internet Explorer, or any other process which opts into the security restriction, Network Protocol Lockdown may be implemented in any security zone in order to prevent active content obtained through restricted protocols from running in an unsafe manner, if the target URL is in that zone. Each zone may be set to either prompt the user when such content attempts to run, or to simply disallow the content in that zone.</string>
<string id="IESF_ExplainObjectCachingProtection_AllProcs_Explain">This policy setting defines whether a reference to an object is accessible when the user navigates within the same domain or to a new domain.
If you enable this policy setting, object reference is no longer accessible when navigating within or across domains for all processes.
If you disable or do not configure this policy setting, object reference is retained when navigating within or across domains in the Restricted Zone sites.</string>
<string id="IESF_ExplainObjectCachingProtection_IE_Explain">This policy setting defines whether a reference to an object is accessible when the user navigates within the same domain or to a new domain.
If you enable this policy setting, an object reference is no longer accessible when navigating within or across domains for Internet Explorer processes.
If you disable this policy setting, an object reference is retained when navigating within or across domains for Internet Explorer processes.
If you do not configure this policy setting, an object reference is no longer accessible when navigating within or across domains for Internet Explorer processes.</string>
<string id="IESF_ExplainObjectCachingProtection_ProcList_Explain">This policy setting defines whether a reference to an object is accessible when the user navigates within the same domain or to a new domain.
This policy setting allows administrators to define applications for which they want this security feature to be prevented or allowed.
If you enable this policy setting and enter a Value of 1, references to objects are inaccessible after navigation. If you enter a Value of 0, references to objects are still accessible after navigation. The Value Name is the name of the executable. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.
Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable IE processes. If the All Processes policy setting is enabled, the processes configured in this box take precedence over that setting.
If you disable or do not configure this policy setting, the security feature is allowed.</string>
<string id="IESF_ExplainObjectCachingProtectionCategory">In previous versions of Windows with Internet Explorer, some Web pages could access objects cached from another Web site. In Windows XP Service Pack 2, a reference to an object is no longer accessible when the user navigates to a new domain.
For Windows XP Service Pack 2, there is now a new security context on all scriptable objects so that access to all cached objects is blocked. In addition to blocking access when navigating across domains, access is also blocked when navigating within the same domain. (In this context, a domain is defined as a fully qualified domain name (FQDN)). A reference to an object is no longer accessible after the context has changed due to navigation.</string>
<string id="IESF_ExplainProtectionFromZoneElevation_AllProcs_Explain">Internet Explorer places restrictions on each Web page it opens. The restrictions are dependent upon the location of the Web page (Internet, Intranet, Local Machine zone, and so on). For example, Web pages on the local computer have the fewest security restrictions and reside in the Local Machine zone, making the Local Machine security zone a prime target for malicious users.
If you enable this policy setting, any zone can be protected from zone elevation for all processes.
If you disable or do not configure this policy setting, processes other than Internet Explorer or those listed in the Process List receive no such protection.</string>
<string id="IESF_ExplainProtectionFromZoneElevation_IE_Explain">Internet Explorer places restrictions on each Web page it opens. The restrictions are dependent upon the location of the Web page (Internet, Intranet, Local Machine zone, etc.). Web pages on the local computer have the fewest security restrictions and reside in the Local Machine zone, making the Local Machine security zone a prime target for malicious users. Zone Elevation also disables JavaScript navigation if there is no security context.
If you enable this policy setting, any zone can be protected from zone elevation by Internet Explorer processes.
If you disable this policy setting, no zone receives such protection for Internet Explorer processes.
If you do not configure this policy setting, any zone can be protected from zone elevation by Internet Explorer processes.</string>
<string id="IESF_ExplainProtectionFromZoneElevation_ProcList_Explain">Internet Explorer places restrictions on each Web page it opens. The restrictions are dependent upon the location of the Web page (Internet, Intranet, Local Machine zone, and so on). Web pages on the local computer have the fewest security restrictions and reside in the Local Machine zone, making the Local Machine security zone a prime target for malicious users. Zone Elevation also disables JavaScript navigation if there is no security context.
This policy setting allows administrators to define applications for which they want this security feature to be prevented or allowed.
If you enable this policy setting and enter a Value of 1, elevation to more privileged zones can be prevented. If you enter a Value of 0, elevation to any zone is allowed. The Value Name is the name of the executable. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.
Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable IE processes. If the All Processes policy setting is enabled, the processes configured in this box take precedence over that setting.
If you disable or do not configure this policy setting, the security feature is allowed.</string>
<string id="IESF_ExplainProtectionFromZoneElevationCategory">When a Web page is opened in Internet Explorer, Internet Explorer puts restrictions on what the page can do, based on where that Web page came from: the Internet, a local intranet server, a trusted site, and so on. For example, pages on the Internet have stricter security restrictions than pages on a user's local intranet. Web pages on a user's computer are in the Local Machine security zone, where they have the fewest security restrictions. This makes the Local Machine security zone a prime target for malicious users. Zone Elevation Blocks makes it harder to get code to run in this zone. (As a separate feature, Local Machine Zone Lockdown makes the zone less vulnerable to malicious users by changing its security settings.)
Internet Explorer prevents the overall security context for any link on a page from being higher than the security context of the root URL. This means, for example, that a page in the Internet zone cannot navigate to a page in the Local Intranet zone, except as the result of a user-initiated action. A script, for example, could not cause this navigation. For the purpose of this mitigation, the security context ranking of the zones, from highest security context to lowest, is: Restricted Sites zone, Internet zone, Local Intranet zone, Trusted Sites zone, and Local Machine zone.
Zone Elevation also disables JavaScript navigation if there is no security context.
Settings note: this feature can be turned off or set to prompt by zone in IE security zones settings.</string>
<string id="IESF_ExplainRestrictActiveXInstall_AllProcs_Explain">This policy setting enables applications hosting the Web Browser Control to block automatic prompting of ActiveX control installation.
If you enable this policy setting, the Web Browser Control will block automatic prompting of ActiveX control installation for all processes.
If you disable or do not configure this policy setting, the Web Browser Control will not block automatic prompting of ActiveX control installation for all processes.</string>
<string id="IESF_ExplainRestrictActiveXInstall_IE_Explain">This policy setting enables blocking of ActiveX control installation prompts for Internet Explorer processes.
If you enable this policy setting, prompting for ActiveX control installations will be blocked for Internet Explorer processes.
If you disable this policy setting, prompting for ActiveX control installations will not be blocked for Internet Explorer processes.
If you do not configure this policy setting, the user's preference will be used to determine whether to block ActiveX control installations for Internet Explorer processes.</string>
<string id="IESF_ExplainRestrictActiveXInstall_ProcList_Explain">This policy setting enables applications hosting the Web Browser Control to block automatic prompting of ActiveX control installation.
If you enable this policy setting and enter a Value of 1, automatic prompting of ActiveX control installation is blocked. If you enter a Value of 0, automatic prompting of ActiveX control installation is allowed. The Value Name is the name of the executable. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.
Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable IE processes. If the All Processes policy setting is enabled, the processes configured in this box take precedence over that setting.
If you disable or do not configure this policy setting, the security feature is allowed.</string>
<string id="IESF_ExplainRestrictActiveXInstallCategory">Enables applications hosting the Web Browser Control to block automatic prompting of ActiveX control installation. If a policy setting blocks prompting for an ActiveX control installation, the Notification bar appears instead.</string>
<string id="IESF_ExplainRestrictFileDownload_AllProcs_Explain">This policy setting enables applications hosting the Web Browser Control to block automatic prompting of file downloads that are not user initiated.
If you enable this policy setting, the Web Browser Control will block automatic prompting of file downloads that are not user initiated for all processes.
If you disable this policy setting, the Web Browser Control will not block automatic prompting of file downloads that are not user initiated for all processes.</string>
<string id="IESF_ExplainRestrictFileDownload_IE_Explain">This policy setting enables blocking of file download prompts that are not user initiated.
If you enable this policy setting, file download prompts that are not user initiated will be blocked for Internet Explorer processes.
If you disable this policy setting, prompting will occur for file downloads that are not user initiated for Internet Explorer processes.
If you do not configure this policy setting, the user's preference determines whether to prompt for file downloads that are not user initiated for Internet Explorer processes.</string>
<string id="IESF_ExplainRestrictFileDownload_ProcList_Explain">This policy setting enables applications hosting the Web Browser Control to block automatic prompting of file downloads that are not user initiated.
If you enable this policy setting and enter a Value of 1, automatic prompting of non-initiated file downloads is blocked. If you enter a Value of 0, automatic prompting of non-initiated file downloads is allowed. The Value Name is the name of the executable. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.
Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable IE processes. If the All Processes policy setting is enabled, the processes configured in this box take precedence over that setting.
If you disable or do not configure this policy setting, the security feature is allowed.</string>
<string id="IESF_ExplainRestrictFileDownloadCategory">Enables applications hosting the Web Browser Control to block automatic prompting of file downloads that were not user initiated. If a policy setting blocks prompting for a file download, the Notification bar appears instead.</string>
<string id="IESF_ExplainScriptedWindowSecurityRestrictions_AllProcs_Explain">Internet Explorer allows scripts to programmatically open, resize, and reposition windows of various types. The Window Restrictions security feature restricts popup windows and prohibits scripts from displaying windows in which the title and status bars are not visible to the user or obfuscate other Windows' title and status bars.
If you enable this policy setting, scripted windows are restricted for all processes.
If you disable or do not configure this policy setting, scripted windows are not restricted.</string>
<string id="IESF_ExplainScriptedWindowSecurityRestrictions_IE_Explain">Internet Explorer allows scripts to programmatically open, resize, and reposition windows of various types. The Window Restrictions security feature restricts popup windows and prohibits scripts from displaying windows in which the title and status bars are not visible to the user or obfuscate other Windows' title and status bars.
If you enable this policy setting, popup windows and other restrictions apply for File Explorer and Internet Explorer processes.
If you disable this policy setting, scripts can continue to create popup windows and windows that obfuscate other windows.
If you do not configure this policy setting, popup windows and other restrictions apply for File Explorer and Internet Explorer processes.</string>
<string id="IESF_ExplainScriptedWindowSecurityRestrictions_ProcList_Explain">Internet Explorer allows scripts to programmatically open, resize, and reposition windows of various types. The Window Restrictions security feature restricts popup windows and prohibits scripts from displaying windows in which the title and status bars are not visible to the user or obfuscate other Windows' title and status bars.
This policy setting allows administrators to define applications for which they want this security feature to be prevented or allowed.
If you enable this policy setting and enter a Value of 1, such windows may not be opened. If you enter a Value of 0, windows have none of these restrictions. The Value Name is the name of the executable. If a Value Name is empty or the Value is not 0 or 1, the policy setting is ignored.
Do not enter the Internet Explorer processes in this list: use the related Internet Explorer Processes policy to enable or disable IE processes. If the All Processes policy setting is enabled, the processes configured in this box take precedence over that setting.
If you disable or do not configure this policy setting, the security feature is allowed.</string>
<string id="IESF_ExplainScriptedWindowSecurityRestrictionsCategory">Internet Explorer provides the capability for scripts to programmatically open additional windows of various types, and to resize and reposition existing windows. The Window Restrictions security feature restricts two types of script-initiated windows that have been used by malicious persons to deceive users: popup windows (which do not have components such as the address bar, title bar, status bar, and toolbars) and windows that include the title bar and status bar.
Script-initiated windows with the title bar and status bar are constrained in scripted movement to ensure that these important and informative bars remain visible after the operation completes.
- Scripts cannot position windows so that the title bar or address bar are above the visible top of the display.
- Scripts cannot position windows such that the status bar is below the visible bottom of the display.
- Script-initiated windows that include a title bar and status bar are constrained in scripted sizing to ensure that the title bar and status bar remain visible after the operation completes.
- Scripts cannot resize windows such that the title bar, address bar, or status bar cannot be seen.
- When creating a window, the definition of the fullscreen=yes specification is changed to mean "show the window as maximized," which will keep the title bar, address bar, and status bar visible.
Internet Explorer has been modified to not turn off the status bar for any windows. The status bar is always visible for all Internet Explorer windows.
Script-initiated popup windows are now constrained so that they:
- Do not extend above the top or below the bottom of the parent Internet Explorer Web Object Control (WebOC) window.
- Are smaller in height than the parent WebOC window.
- Overlap the parent window horizontally.
- Stay with the parent window if the parent window moves.
- Appear above its parent so other windows (such as a dialog box) cannot be hidden.</string>
<string id="IESF_ExplainSecurityFeaturesCategory">Contains settings to enable or disable security features for Internet Explorer, File Explorer and other applications.</string>
<string id="IESF_NPLRest_Category">Restricted Protocols Per Security Zone</string>
<string id="IESF_NPLRest_Category_Explain">The list of restricted protocols governed by Network Protocol Lockdown varies per security zone. Use these policies to set the restricted protocol list for each zone.
If policy is set in both Computer Configuration and User Configuration, the two lists are combined.</string>
<string id="IESF_NPLRest_InternetZone">Internet Zone Restricted Protocols</string>
<string id="IESF_NPLRest_IntranetZone">Intranet Zone Restricted Protocols</string>
<string id="IESF_NPLRest_LocalMachineZone">Local Machine Zone Restricted Protocols</string>
<string id="IESF_NPLRest_RestrictedSitesZone">Restricted Sites Zone Restricted Protocols</string>
<string id="IESF_NPLRest_TrustedSitesZone">Trusted Sites Zone Restricted Protocols</string>
<string id="IESF_NPLRestrictionsList_Explain">For each zone, the Network Protocol Lockdown security restriction may be configured to prevent active content obtained through restricted protocols from running in an unsafe manner, either by prompting the user, or simply disabling the content. For each zone, this list of protocols may be configured here, and applies to all processes which have opted in to the security restriction.
If you enable this policy setting for a zone, this sets the list of protocols to be restricted if that zone is set to Prompt or Disable for "Allow active content over restricted protocols to access my computer."
If you disable or do not configure this policy setting for a zone, no protocols are restricted for that zone, regardless of the setting for "Allow active content over restricted protocols to access my computer."
Note. If policy for a zone is set in both Computer Configuration and User Configuration, both lists of protocols will be restricted for that zone.</string>
<string id="IESF_Policy_BinaryBehaviorAdminAllow">Admin-approved behaviors</string>
<string id="IESF_PolicyAllProcesses">All Processes</string>
<string id="IESF_PolicyExplorerProcesses">Internet Explorer Processes</string>
<string id="IESF_PolicyProcessList">Process List</string>
<string id="IESF_PolicyScriptPasteAllProcesses">Bypass prompting for Clipboard access for scripts running in any process</string>
<string id="IESF_PolicyScriptPasteExplorerProcesses">Bypass prompting for Clipboard access for scripts running in the Internet Explorer process</string>
<string id="IESF_PolicyScriptPasteProcessList">Define applications and processes that can access the Clipboard without prompting</string>
<string id="AddonManagement_IgnoreAddonApprovalStatus">Automatically activate newly installed add-ons</string>
<string id="AddonManagement_DisableAddonLoadTimePerformanceNotifications">Turn off add-on performance notifications</string>
<string id="InternetExplorer">Internet Explorer</string>
<string id="InternetSettings">Internet Settings</string>
<string id="Investor">Investor</string>
<string id="IZ_ExplainIncludeUnspecifiedLocalSites">This policy setting controls whether local sites which are not explicitly mapped into any Security Zone are forced into the local Intranet security zone.
If you enable this policy setting, local sites which are not explicitly mapped into a zone are considered to be in the Intranet Zone.
If you disable this policy setting, local sites which are not explicitly mapped into a zone will not be considered to be in the Intranet Zone (so would typically be in the Internet Zone).
If you do not configure this policy setting, users choose whether to force local sites into the Intranet Zone.</string>
<string id="IESF_ENABLE_MD2_MD4">Install binaries signed by MD2 and MD4 signing technologies</string>
<string id="IESF_Explain_ENABLE_MD2_MD4">This policy setting allows you to manage whether Internet Explorer 9 can install ActiveX controls and other binaries signed with MD2 and MD4 signing technologies. Internet Explorer 9 does not support MD2 and MD4 signing technologies by default, because they are not as secure as other technologies.
If you enable this policy setting, Internet Explorer 9 installs binaries signed by MD2 and MD4 signing technologies.
If you disable or do not configure this policy setting, Internet Explorer 9 does not install binaries signed by MD2 and MD4 signing technologies.</string>
<string id="IZ_ExplainProxyByPass">This policy setting controls whether sites which bypass the proxy server are mapped into the local Intranet security zone.
If you enable this policy setting, sites which bypass the proxy server are mapped into the Intranet Zone.
If you disable this policy setting, sites which bypass the proxy server aren't necessarily mapped into the Intranet Zone (other rules might map one there).
If you do not configure this policy setting, users choose whether sites which bypass the proxy server are mapped into the Intranet Zone.</string>
<string id="IZ_ExplainUNCAsIntranet">This policy setting controls whether URLs representing UNCs are mapped into the local Intranet security zone.
If you enable this policy setting, all network paths are mapped into the Intranet Zone.
If you disable this policy setting, network paths are not necessarily mapped into the Intranet Zone (other rules might map one there).
If you do not configure this policy setting, users choose whether network paths are mapped into the Intranet Zone.</string>
<string id="IZ_ExplainZonemaps">This policy setting allows you to manage a list of sites that you want to associate with a particular security zone. These zone numbers have associated security settings that apply to all of the sites in the zone.
Internet Explorer has 4 security zones, numbered 1-4, and these are used by this policy setting to associate sites to zones. They are: (1) Intranet zone, (2) Trusted Sites zone, (3) Internet zone, and (4) Restricted Sites zone. Security settings can be set for each of these zones through other policy settings, and their default settings are: Trusted Sites zone (Low template), Intranet zone (Medium-Low template), Internet zone (Medium template), and Restricted Sites zone (High template). (The Local Machine zone and its locked down equivalent have special security settings that protect your local computer.)
If you enable this policy setting, you can enter a list of sites and their related zone numbers. The association of a site with a zone will ensure that the security settings for the specified zone are applied to the site. For each entry that you add to the list, enter the following information:
Valuename – A host for an intranet site, or a fully qualified domain name for other sites. The valuename may also include a specific protocol. For example, if you enter http://www.contoso.com as the valuename, other protocols are not affected. If you enter just www.contoso.com, then all protocols are affected for that site, including http, https, ftp, and so on. The site may also be expressed as an IP address (e.g., 127.0.0.1) or range (e.g., 127.0.0.1-10). To avoid creating conflicting policies, do not include additional characters after the domain such as trailing slashes or URL path. For example, policy settings for www.contoso.com and www.contoso.com/mail would be treated as the same policy setting by Internet Explorer, and would therefore be in conflict.
Value - A number indicating the zone with which this site should be associated for security settings. The Internet Explorer zones described above are 1-4.
If you disable or do not configure this policy, users may choose their own site-to-zone assignments.</string>
<string id="IZ_ExplainZoneTemplatesPolicy">This template policy setting allows you to configure policy settings in this zone consistent with a selected security level, for example, Low, Medium Low, Medium, or High.
If you enable this template policy setting and select a security level, all values for individual settings in the zone will be overwritten by the standard template defaults.
If you disable this template policy setting, no security level is configured.
If you do not configure this template policy setting, no security level is configured.
Note. Local Machine Zone Lockdown Security and Network Protocol Lockdown operate by comparing the settings in the active URL's zone against those in the Locked-Down equivalent zone. If you select a security level for any zone (including selecting no security), the same change should be made to the Locked-Down equivalent.
Note. It is recommended to configure template policy settings in one Group Policy object (GPO) and configure any related individual policy settings in a separate GPO. You can then use Group Policy management features (for example, precedence, inheritance, or enforce) to apply individual settings to specific targets.</string>
<string id="IZ_IncludeUnspecifiedLocalSites">Intranet Sites: Include all local (intranet) sites not listed in other zones</string>
<string id="IZ_InternetZone">Internet Zone</string>
<string id="IZ_InternetZoneLockdown">Locked-Down Internet Zone</string>
<string id="IZ_InternetZoneLockdown_Explain">The settings in this zone apply only if the Internet Zone is in 'lockdown' mode, such as when the Network Protocol Lockdown security feature is in effect. If the zone is locked down, these URL action settings do not override the standard Internet Zone settings, but are compared against them. If the settings for that URL action in the two zones are the same, then that setting is used. Otherwise, the user is presented with a Notification bar, and may allow the zone to operate with the standard (non-lockdown) zone's setting.</string>
<string id="IZ_IntranetZone">Intranet Zone</string>
<string id="IZ_IntranetZoneLockdown">Locked-Down Intranet Zone</string>
<string id="IZ_IntranetZoneLockdown_Explain">The settings in this zone apply only if the Intranet Zone is in 'lockdown' mode, such as when the Network Protocol Lockdown security feature is in effect. If the zone is locked down, these URL action settings do not override the standard Intranet Zone settings, but are compared against them. If the settings for that URL action in the two zones are the same, then that setting is used. Otherwise, the user is presented with a Notification bar, and may allow the zone to operate with the standard (non-lockdown) zone's setting.</string>
<string id="IZ_ItemnameAdminApproved">Administrator approved</string>
<string id="IZ_ItemnameAnonymousLogon">Anonymous logon</string>
<string id="IZ_ItemnameAutomaticLogon">Automatic logon with current username and password</string>
<string id="IZ_ItemnameAutomaticLogonInIntranetZone">Automatic logon only in Intranet zone</string>
<string id="IZ_ItemnameCustom">Custom</string>
<string id="IZ_ItemnameDisable">Disable</string>
<string id="IZ_ItemnameDisableJava">Disable Java</string>
<string id="IZ_ItemnameEnable">Enable</string>
<string id="IZ_ItemnameHigh">High</string>
<string id="IZ_ItemnameHighSafety">High safety</string>
<string id="IZ_ItemnameLow">Low</string>
<string id="IZ_ItemnameLowSafety">Low safety</string>
<string id="IZ_ItemnameMedium">Medium</string>
<string id="IZ_ItemnameMediumHigh">Medium High</string>
<string id="IZ_ItemnameMediumLow">Medium Low</string>
<string id="IZ_ItemnameMediumSafety">Medium safety</string>
<string id="IZ_ItemnamePrompt">Prompt</string>
<string id="IZ_ItemnamePromptLogon">Prompt for user name and password</string>
<string id="IZ_LocalMachineZone">Local Machine Zone</string>
<string id="IZ_LocalMachineZoneLockdown">Locked-Down Local Machine Zone</string>
<string id="IZ_LocalMachineZoneLockdown_Explain">The settings in this zone apply only if the Local Machine Zone is in 'lockdown' mode, such as when the Local Machine Zone Lockdown security feature is in effect. If the zone is locked down, these URL action settings do not override the standard Local Machine Zone settings, but are compared against them. If the settings for that URL action in the two zones are the same, then that setting is used. Otherwise, the user is presented with a Notification bar, and may allow the zone to operate with the standard (non-lockdown) zone's setting.</string>
<string id="IZ_Policy_AddressStatusBar">Allow websites to open windows without status bar or Address bar</string>
<string id="IZ_Policy_AddressStatusBar_Explain">This policy setting controls whether websites can open new Internet Explorer windows that have no status bar or Address bar.
If you enable this policy setting, websites can open new Internet Explorer windows that have no status bar or Address bar.
If you disable this policy setting, websites cannot open new Internet Explorer windows that have no status bar or Address bar.
If you do not configure this policy setting, the user can choose whether websites can open new Internet Explorer Windows that have no status bar or Address bar.</string>
<string id="IZ_PolicyOnlyAllowApprovedDomainsToUseActiveXWithoutPrompt">Allow only approved domains to use ActiveX controls without prompt</string>
<string id="IZ_EXPLAIN_PolicyOnlyAllowApprovedDomainsToUseActiveXWithoutPrompt">This policy setting controls whether or not the user is prompted to allow ActiveX controls to run on websites other than the website that installed the ActiveX control.
If you enable this policy setting, the user is prompted before ActiveX controls can run from websites in this zone. The user can choose to allow the control to run from the current site or from all sites.
If you disable this policy setting, the user does not see the per-site ActiveX prompt, and ActiveX controls can run from all sites in this zone.</string>
<string id="IZ_Policy_AllowDynsrcPlayback">Allow video and animation on a webpage that uses an older media player</string>
<string id="IZ_Policy_AllowDynsrcPlayback_Explain">This policy setting allows the playing of video and animation through older media players in specified zones. Video and animation playback through the object tag may still be allowed, because this involves external controls or media players.
The dynsrc attribute on the img tag specifies an older media player. Also, as of Internet Explorer 8, this policy setting controls HTML+TIME media elements that refer to audio and video files.
If you enable this policy setting, video and animation can be played through older media players in specified zones.
If you disable this policy setting, video and animation cannot be played through older media players.
If you do not configure this policy setting, video and animation can be played through older media players in specified zones.</string>
<string id="IZ_Policy_AllowScriptlets">Allow scriptlets</string>
<string id="IZ_Policy_AllowScriptlets_Explain">This policy setting allows you to manage whether the user can run scriptlets.
If you enable this policy setting, the user can run scriptlets.
If you disable this policy setting, the user cannot run scriptlets.
If you do not configure this policy setting, the user can enable or disable scriptlets.</string>
<string id="IZ_Policy_FirstRunOptInDefaultEnable">Turn off first-run prompt</string>
<string id="IZ_Policy_FirstRunOptIn">Turn off first-run prompt</string>
<string id="IZ_Policy_FirstRunOptIn_ExplainDefaultDisable">This policy setting controls the first-run response that the user sees on a zone-by-zone basis. When the user encounters a new control that has not previously run in Internet Explorer, he or she may be prompted to approve the control. This policy setting determines whether the user is prompted.
If you enable this policy setting, the first-run prompt is turned off in the corresponding zone.
If you disable this policy setting, the first-run prompt is turned on in the corresponding zone.
If you do not configure this policy setting, the first-run prompt is turned off by default.</string>
<string id="IZ_Policy_FirstRunOptIn_ExplainDefaultEnable">This policy setting controls the first-run response that the user sees on a zone-by-zone basis. When the user encounters a new control that has not previously run in Internet Explorer, he or she may be prompted to approve the control. This policy setting determines whether the user is prompted.
If you enable this policy setting, the first-run prompt is turned off in the corresponding zone.
If you disable this policy setting, the first-run prompt is turned on in the corresponding zone.
If you do not configure this policy setting, the first-run prompt is turned on by default.</string>
<string id="IZ_Policy_LocalPathForUpload">Include local path when user is uploading files to a server</string>
<string id="IZ_Policy_LocalPathForUpload_Explain">This policy setting controls whether or not local path information is sent when the user is uploading a file via an HTML form. If the local path information is sent, some information may be unintentionally revealed to the server. For instance, files sent from the user's desktop may contain the user name as a part of the path.
If you enable this policy setting, path information is sent when the user is uploading a file via an HTML form.
If you disable this policy setting, path information is removed when the user is uploading a file via an HTML form.
If you do not configure this policy setting, the user can choose whether path information is sent when he or she is uploading a file via an HTML form. By default, path information is sent.</string>
<string id="IZ_Policy_Phishing">Turn on SmartScreen Filter scan</string>
<string id="IZ_Policy_Phishing_Explain">This policy setting controls whether SmartScreen Filter scans pages in this zone for malicious content.
If you enable this policy setting, SmartScreen Filter scans pages in this zone for malicious content.
If you disable this policy setting, SmartScreen Filter does not scan pages in this zone for malicious content.
If you do not configure this policy setting, the user can choose whether SmartScreen Filter scans pages in this zone for malicious content.
Note: In Internet Explorer 7, this policy setting controls whether Phishing Filter scans pages in this zone for malicious content.</string>
<string id="IZ_Policy_ScriptPrompt">Allow websites to prompt for information by using scripted windows</string>
<string id="IZ_Policy_ScriptPrompt_Explain">This policy setting determines whether scripted windows are automatically displayed.
If you enable this policy setting, scripted windows are displayed.
If you disable this policy setting, the user must choose to display any scripted windows by using the Notification bar.
If you do not configure this policy setting, the user can enable or disable the Notification bar behavior.</string>
<string id="IZ_Policy_ScriptStatusBar">Allow updates to status bar via script</string>
<string id="IZ_Policy_ScriptStatusBarDefaultEnable">Allow updates to status bar via script</string>
<string id="IZ_Policy_ScriptStatusBar_ExplainDefaultDisable">This policy setting allows you to manage whether script is allowed to update the status bar within the zone.
If you enable this policy setting, script is allowed to update the status bar.
If you disable or do not configure this policy setting, script is not allowed to update the status bar.</string>
<string id="IZ_Policy_ScriptStatusBar_ExplainDefaultEnable">This policy setting allows you to manage whether script is allowed to update the status bar within the zone.
If you enable this policy setting, script is allowed to update the status bar.
If you disable or do not configure this policy setting, script is allowed to update the status bar.</string>
<string id="IZ_Policy_TurnOnProtectedMode">Turn on Protected Mode</string>
<string id="IZ_Policy_TurnOnProtectedMode_Explain">This policy setting allows you to turn on Protected Mode. Protected Mode helps protect Internet Explorer from exploited vulnerabilities by reducing the locations that Internet Explorer can write to in the registry and the file system.
If you enable this policy setting, Protected Mode is turned on. The user cannot turn off Protected Mode.
If you disable this policy setting, Protected Mode is turned off. The user cannot turn on Protected Mode.
If you do not configure this policy setting, the user can turn on or turn off Protected Mode.</string>
<string id="IZ_PolicyTurnOnXSSFilter">Turn on Cross-Site Scripting Filter</string>
<string id="IZ_EXPLAIN_PolicyTurnOnXSSFilter">This policy controls whether or not the Cross-Site Scripting (XSS) Filter will detect and prevent cross-site script injections into websites in this zone.
If you enable this policy setting, the XSS Filter is turned on for sites in this zone, and the XSS Filter attempts to block cross-site script injections.
If you disable this policy setting, the XSS Filter is turned off for sites in this zone, and Internet Explorer permits cross-site script injections.</string>
<string id="IZ_Policy_UnsafeFiles">Show security warning for potentially unsafe files</string>
<string id="IZ_Policy_UnsafeFiles_Explain">This policy setting controls whether or not the "Open File - Security Warning" message appears when the user tries to open executable files or other potentially unsafe files (from an intranet file share by using File Explorer, for example).
If you enable this policy setting and set the drop-down box to Enable, these files open without a security warning. If you set the drop-down box to Prompt, a security warning appears before the files open.
If you disable this policy setting, these files do not open.
If you do not configure this policy setting, the user can configure how the computer handles these files. By default, these files are blocked in the Restricted zone, enabled in the Intranet and Local Computer zones, and set to prompt in the Internet and Trusted zones.</string>
<string id="IZ_Policy_WebBrowserApps">Allow loading of XAML Browser Applications</string>
<string id="IZ_Policy_WebBrowserApps_Explain">This policy setting allows you to manage the loading of XAML Browser Applications (XBAPs). These are browser-hosted, ClickOnce-deployed applications built via WinFX. These applications run in a security sandbox and take advantage of the Windows Presentation Foundation platform for the web.
If you enable this policy setting and set the drop-down box to Enable, XBAPs are automatically loaded inside Internet Explorer. The user cannot change this behavior. If you set the drop-down box to Prompt, the user is prompted for loading XBAPs.
If you disable this policy setting, XBAPs are not loaded inside Internet Explorer. The user cannot change this behavior.
If you do not configure this policy setting, the user can decide whether to load XBAPs inside Internet Explorer.</string>
<string id="IZ_Policy_WebBrowserControl">Allow scripting of Internet Explorer WebBrowser controls</string>
<string id="IZ_Policy_WebBrowserControl_Explain">This policy setting determines whether a page can control embedded WebBrowser controls via script.
If you enable this policy setting, script access to the WebBrowser control is allowed.
If you disable this policy setting, script access to the WebBrowser control is not allowed.
If you do not configure this policy setting, the user can enable or disable script access to the WebBrowser control. By default, script access to the WebBrowser control is allowed only in the Local Machine and Intranet zones.</string>
<string id="IZ_Policy_WinFXRuntimeComponent">Turn off .NET Framework Setup</string>
<string id="IZ_Policy_WinFXRuntimeComponent_Explain">This policy setting prevents the user's computer from starting Microsoft .NET Framework Setup when the user is browsing to .NET Framework content in Internet Explorer. The .NET Framework is the next-generation platform for Windows. It uses the common language runtime and incorporates support from multiple developer tools. It includes the new managed code APIs for Windows.
If you enable this policy setting, .NET Framework Setup is turned off. The user cannot change this behavior.
If you disable this policy setting, .NET Framework Setup is turned on. The user cannot change this behavior.
If you do not configure this policy setting, .NET Framework Setup is turned on by default. The user can change this behavior.</string>
<string id="IZ_Policy_XAML">Allow loading of XAML files</string>
<string id="IZ_Policy_XAML_Explain">This policy setting allows you to manage the loading of Extensible Application Markup Language (XAML) files. XAML is an XML-based declarative markup language commonly used for creating rich user interfaces and graphics that take advantage of the Windows Presentation Foundation.
If you enable this policy setting and set the drop-down box to Enable, XAML files are automatically loaded inside Internet Explorer. The user cannot change this behavior. If you set the drop-down box to Prompt, the user is prompted for loading XAML files.
If you disable this policy setting, XAML files are not loaded inside Internet Explorer. The user cannot change this behavior.
If you do not configure this policy setting, the user can decide whether to load XAML files inside Internet Explorer.</string>
<string id="IZ_Policy_XPS">Allow loading of XPS files</string>
<string id="IZ_Policy_XPS_Explain">This policy setting allows you to manage the loading of XPS files. These files contain a fixed-layout representation of paginated content and are portable across platforms, devices, and applications.
If you enable this policy setting and set the drop-down box to Enable, XPS files are automatically loaded inside Internet Explorer. The user cannot change this behavior. If you set the drop-down box to Prompt, the user is prompted for loading XPS files.
If you disable this policy setting, XPS files are not loaded inside Internet Explorer. The user cannot change this behavior.
If you do not configure this policy setting, the user can decide whether to load XPS files inside Internet Explorer.</string>
<string id="IZ_PolicyAccessDataSourcesAcrossDomains">Access data sources across domains</string>
<string id="IZ_PolicyAccessDataSourcesAcrossDomains_ExplainDefaultDisable">This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO).
If you enable this policy setting, users can load a page in the zone that uses MSXML or ADO to access data from another site in the zone. If you select Prompt in the drop-down box, users are queried to choose whether to allow a page to be loaded in the zone that uses MSXML or ADO to access data from another site in the zone.
If you disable this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone.
If you do not configure this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone.</string>
<string id="IZ_PolicyAccessDataSourcesAcrossDomains_ExplainDefaultEnable">This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO).
If you enable this policy setting, users can load a page in the zone that uses MSXML or ADO to access data from another site in the zone. If you select Prompt in the drop-down box, users are queried to choose whether to allow a page to be loaded in the zone that uses MSXML or ADO to access data from another site in the zone.
If you disable this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone.
If you do not configure this policy setting, users can load a page in the zone that uses MSXML or ADO to access data from another site in the zone.</string>
<string id="IZ_PolicyAccessDataSourcesAcrossDomains_ExplainDefaultPrompt">This policy setting allows you to manage whether Internet Explorer can access data from another security zone using the Microsoft XML Parser (MSXML) or ActiveX Data Objects (ADO).
If you enable this policy setting, users can load a page in the zone that uses MSXML or ADO to access data from another site in the zone. If you select Prompt in the drop-down box, users are queried to choose whether to allow a page to be loaded in the zone that uses MSXML or ADO to access data from another site in the zone.
If you disable this policy setting, users cannot load a page in the zone that uses MSXML or ADO to access data from another site in the zone.
If you do not configure this policy setting, users are queried to choose whether to allow a page to be loaded in the zone that uses MSXML or ADO to access data from another site in the zone.</string>
<string id="IZ_PolicyActiveScripting">Allow active scripting</string>
<string id="IZ_PolicyActiveScripting_ExplainDefaultDisable">This policy setting allows you to manage whether script code on pages in the zone is run.
If you enable this policy setting, script code on pages in the zone can run automatically. If you select Prompt in the drop-down box, users are queried to choose whether to allow script code on pages in the zone to run.
If you disable this policy setting, script code on pages in the zone is prevented from running.
If you do not configure this policy setting, script code on pages in the zone is prevented from running.</string>
<string id="IZ_PolicyActiveScripting_ExplainDefaultEnable">This policy setting allows you to manage whether script code on pages in the zone is run.
If you enable this policy setting, script code on pages in the zone can run automatically. If you select Prompt in the drop-down box, users are queried to choose whether to allow script code on pages in the zone to run.
If you disable this policy setting, script code on pages in the zone is prevented from running.
If you do not configure this policy setting, script code on pages in the zone can run automatically.</string>
<string id="IZ_PolicyActiveScripting_ExplainDefaultPrompt">This policy setting allows you to manage whether script code on pages in the zone is run.
If you enable this policy setting, script code on pages in the zone can run automatically. If you select Prompt in the drop-down box, users are queried to choose whether to allow script code on pages in the zone to run.
If you disable this policy setting, script code on pages in the zone is prevented from running.
If you do not configure this policy setting, users are queried to choose whether to allow script code on pages in the Local Machine zone to run.</string>
<string id="IZ_PolicyAllowMETAREFRESH">Allow META REFRESH</string>
<string id="IZ_PolicyAllowMETAREFRESH_ExplainDefaultDisable">This policy setting allows you to manage whether a user's browser can be redirected to another Web page if the author of the Web page uses the Meta Refresh setting (tag) to redirect browsers to another Web page.
If you enable this policy setting, a user's browser that loads a page containing an active Meta Refresh setting can be redirected to another Web page.
If you disable this policy setting, a user's browser that loads a page containing an active Meta Refresh setting cannot be redirected to another Web page.
If you do not configure this policy setting, a user's browser that loads a page containing an active Meta Refresh setting cannot be redirected to another Web page.</string>
<string id="IZ_PolicyAllowMETAREFRESH_ExplainDefaultEnable">This policy setting allows you to manage whether a user's browser can be redirected to another Web page if the author of the Web page uses the Meta Refresh setting (tag) to redirect browsers to another Web page.
If you enable this policy setting, a user's browser that loads a page containing an active Meta Refresh setting can be redirected to another Web page.
If you disable this policy setting, a user's browser that loads a page containing an active Meta Refresh setting cannot be redirected to another Web page.
If you do not configure this policy setting, a user's browser that loads a page containing an active Meta Refresh setting can be redirected to another Web page.</string>
<string id="IZ_PolicyAllowPasteViaScript">Allow cut, copy or paste operations from the clipboard via script</string>
<string id="IZ_PolicyAllowPasteViaScript_ExplainDefaultDisable">This policy setting allows you to manage whether scripts can perform a clipboard operation (for example, cut, copy, and paste) in a specified region.
If you enable this policy setting, a script can perform a clipboard operation.
If you select Prompt in the drop-down box, users are queried as to whether to perform clipboard operations.
If you disable this policy setting, a script cannot perform a clipboard operation.
If you do not configure this policy setting, a script cannot perform a clipboard operation.</string>
<string id="IZ_PolicyAllowPasteViaScript_ExplainDefaultEnable">This policy setting allows you to manage whether scripts can perform a clipboard operation (for example, cut, copy, and paste) in a specified region.
If you enable this policy setting, a script can perform a clipboard operation.
If you select Prompt in the drop-down box, users are queried as to whether to perform clipboard operations.
If you disable this policy setting, a script cannot perform a clipboard operation.
If you do not configure this policy setting, a script can perform a clipboard operation.</string>
<string id="IZ_PolicyBinaryBehaviors">Allow binary and script behaviors</string>
<string id="IZ_PolicyBinaryBehaviors_ExplainDefaultAdminApproved">This policy setting allows you to manage dynamic binary and script behaviors: components that encapsulate specific functionality for HTML elements to which they were attached.
If you enable this policy setting, binary and script behaviors are available. If you select Administrator approved in the drop-down box, only behaviors listed in the Admin-approved Behaviors under Binary Behaviors Security Restriction policy are available.
If you disable this policy setting, binary and script behaviors are not available unless applications have implemented a custom security manager.
If you do not configure this policy setting, only behaviors listed in the Admin-approved Behaviors under Binary Behaviors Security Restriction policy are available.</string>
<string id="IZ_PolicyBinaryBehaviors_ExplainDefaultDisable">This policy setting allows you to manage dynamic binary and script behaviors: components that encapsulate specific functionality for HTML elements to which they were attached.
If you enable this policy setting, binary and script behaviors are available. If you select Administrator approved in the drop-down box, only behaviors listed in the Admin-approved Behaviors under Binary Behaviors Security Restriction policy are available.
If you disable this policy setting, binary and script behaviors are not available unless applications have implemented a custom security manager.
If you do not configure this policy setting, binary and script behaviors are not available unless applications have implemented a custom security manager.</string>
<string id="IZ_PolicyBinaryBehaviors_ExplainDefaultEnable">This policy setting allows you to manage dynamic binary and script behaviors: components that encapsulate specific functionality for HTML elements to which they were attached.
If you enable this policy setting, binary and script behaviors are available. If you select Administrator approved in the drop-down box, only behaviors listed in the Admin-approved Behaviors under Binary Behaviors Security Restriction policy are available.
If you disable this policy setting, binary and script behaviors are not available unless applications have implemented a custom security manager.
If you do not configure this policy setting, binary and script behaviors are available.</string>
<string id="IZ_PolicyBlockPopupWindows">Use Pop-up Blocker</string>
<string id="IZ_PolicyBlockPopupWindows_ExplainDefaultDisable">This policy setting allows you to manage whether unwanted pop-up windows appear. Pop-up windows that are opened when the end user clicks a link are not blocked.
If you enable this policy setting, most unwanted pop-up windows are prevented from appearing.
If you disable this policy setting, pop-up windows are not prevented from appearing.
If you do not configure this policy setting, pop-up windows are not prevented from appearing.</string>
<string id="IZ_PolicyBlockPopupWindows_ExplainDefaultEnable">This policy setting allows you to manage whether unwanted pop-up windows appear. Pop-up windows that are opened when the end user clicks a link are not blocked.
If you enable this policy setting, most unwanted pop-up windows are prevented from appearing.
If you disable this policy setting, pop-up windows are not prevented from appearing.
If you do not configure this policy setting, most unwanted pop-up windows are prevented from appearing.</string>
<string id="IZ_PolicyDisplayMixedContent">Display mixed content</string>
<string id="IZ_PolicyDisplayMixedContent_ExplainDefaultPrompt">This policy setting allows you to manage whether users can display nonsecure items and manage whether users receive a security information message to display pages containing both secure and nonsecure items.
If you enable this policy setting, and the drop-down box is set to Enable, the user does not receive a security information message (This page contains both secure and nonsecure items. Do you want to display the nonsecure items?) and nonsecure content can be displayed.
If the drop-down box is set to Prompt, the user will receive the security information message on the Web pages that contain both secure (https://) and nonsecure (http://) content.
If you disable this policy setting, users cannot receive the security information message and nonsecure content cannot be displayed.
If you do not configure this policy setting, the user will receive the security information message on the Web pages that contain both secure (https://) and nonsecure (http://) content.</string>
<string id="IZ_PolicyDownloadSignedActiveX">Download signed ActiveX controls</string>
<string id="IZ_PolicyDownloadSignedActiveX_ExplainDefaultDisable">This policy setting allows you to manage whether users may download signed ActiveX controls from a page in the zone.
If you enable this policy, users can download signed controls without user intervention. If you select Prompt in the drop-down box, users are queried whether to download controls signed by publishers who aren't trusted. Code signed by trusted publishers is silently downloaded.
If you disable the policy setting, signed controls cannot be downloaded.
If you do not configure this policy setting, signed controls cannot be downloaded.</string>
<string id="IZ_PolicyDownloadSignedActiveX_ExplainDefaultEnable">This policy setting allows you to manage whether users may download signed ActiveX controls from a page in the zone.
If you enable this policy, users can download signed controls without user intervention. If you select Prompt in the drop-down box, users are queried whether to download controls signed by publishers who aren't trusted. Code signed by trusted publishers is silently downloaded.
If you disable the policy setting, signed controls cannot be downloaded.
If you do not configure this policy setting, users can download signed controls without user intervention.</string>
<string id="IZ_PolicyDownloadSignedActiveX_ExplainDefaultPrompt">This policy setting allows you to manage whether users may download signed ActiveX controls from a page in the zone.
If you enable this policy, users can download signed controls without user intervention. If you select Prompt in the drop-down box, users are queried whether to download controls signed by publishers who aren't trusted. Code signed by trusted publishers is silently downloaded.
If you disable the policy setting, signed controls cannot be downloaded.
If you do not configure this policy setting, users are queried whether to download controls signed by publishers who aren't trusted. Code signed by trusted publishers is silently downloaded.</string>
<string id="IZ_PolicyDownloadUnsignedActiveX">Download unsigned ActiveX controls</string>
<string id="IZ_PolicyDownloadUnsignedActiveX_ExplainDefaultDisable">This policy setting allows you to manage whether users may download unsigned ActiveX controls from the zone. Such code is potentially harmful, especially when coming from an untrusted zone.
If you enable this policy setting, users can run unsigned controls without user intervention. If you select Prompt in the drop-down box, users are queried to choose whether to allow the unsigned control to run.
If you disable this policy setting, users cannot run unsigned controls.
If you do not configure this policy setting, users cannot run unsigned controls.</string>
<string id="IZ_PolicyDownloadUnsignedActiveX_ExplainDefaultEnable">This policy setting allows you to manage whether users may download unsigned ActiveX controls from the zone. Such code is potentially harmful, especially when coming from an untrusted zone.
If you enable this policy setting, users can run unsigned controls without user intervention. If you select Prompt in the drop-down box, users are queried to choose whether to allow the unsigned control to run.
If you disable this policy setting, users cannot run unsigned controls.
If you do not configure this policy setting, users can run unsigned controls without user intervention.</string>
<string id="IZ_PolicyDownloadUnsignedActiveX_ExplainDefaultPrompt">This policy setting allows you to manage whether users may download unsigned ActiveX controls from the zone. Such code is potentially harmful, especially when coming from an untrusted zone.
If you enable this policy setting, users can run unsigned controls without user intervention. If you select Prompt in the drop-down box, users are queried to choose whether to allow the unsigned control to run.
If you disable this policy setting, users cannot run unsigned controls.
If you do not configure this policy setting, users are queried to choose whether to allow the unsigned control to run.</string>
<string id="IZ_PolicyDropOrPasteFiles">Allow drag and drop or copy and paste files</string>
<string id="IZ_PolicyDropOrPasteFiles_ExplainDefaultEnable">This policy setting allows you to manage whether users can drag files or copy and paste files from a source within the zone.
If you enable this policy setting, users can drag files or copy and paste files from this zone automatically. If you select Prompt in the drop-down box, users are queried to choose whether to drag or copy files from this zone.
If you disable this policy setting, users are prevented from dragging files or copying and pasting files from this zone.
If you do not configure this policy setting, users can drag files or copy and paste files from this zone automatically.</string>
<string id="IZ_PolicyDropOrPasteFiles_ExplainDefaultPrompt">This policy setting allows you to manage whether users can drag files or copy and paste files from a source within the zone.
If you enable this policy setting, users can drag files or copy and paste files from this zone automatically. If you select Prompt in the drop-down box, users are queried to choose whether to drag or copy files from this zone.
If you disable this policy setting, users are prevented from dragging files or copying and pasting files from this zone.
If you do not configure this policy setting, users are queried to choose whether to drag or copy files from this zone.</string>
<string id="IZ_PolicyRenderLegacyFilters">Render legacy filters</string>
<string id="IZ_PolicyRenderLegacyFilters_ExplainDefaultDisable">This policy setting specifies whether Internet Explorer renders legacy visual filters in this zone.
If you enable this policy setting, you can control whether or not Internet Explorer renders legacy filters by selecting Enable, or Disable, under Options in Group Policy Editor.
If you disable, or do not configure this policy setting, users can choose whether or not to render filters in this zone. Users can change this setting on the Security tab of the Internet Options dialog box. Filters are not rendered by default in this zone.</string>
<string id="IZ_PolicyRenderLegacyFilters_ExplainDefaultEnable">This policy setting specifies whether Internet Explorer renders legacy visual filters in this zone.
If you enable this policy setting, you can control whether or not Internet Explorer renders legacy filters by selecting Enable, or Disable, under Options in Group Policy Editor.
If you disable, or do not configure this policy setting, users can choose whether or not to render filters in this zone. Users can change this setting on the Security tab of the Internet Options dialog box. Filters are rendered by default in this zone.</string>
<string id="IZ_PolicyFileDownload">Allow file downloads</string>
<string id="IZ_PolicyFileDownload_ExplainDefaultDisable">This policy setting allows you to manage whether file downloads are permitted from the zone. This option is determined by the zone of the page with the link causing the download, not the zone from which the file is delivered.
If you enable this policy setting, files can be downloaded from the zone.
If you disable this policy setting, files are prevented from being downloaded from the zone.
If you do not configure this policy setting, files are prevented from being downloaded from the zone.</string>
<string id="IZ_PolicyFileDownload_ExplainDefaultEnable">This policy setting allows you to manage whether file downloads are permitted from the zone. This option is determined by the zone of the page with the link causing the download, not the zone from which the file is delivered.
If you enable this policy setting, files can be downloaded from the zone.
If you disable this policy setting, files are prevented from being downloaded from the zone.
If you do not configure this policy setting, files can be downloaded from the zone.</string>
<string id="IZ_PolicyFontDownload">Allow font downloads</string>
<string id="IZ_PolicyFontDownload_ExplainDefaultEnable">This policy setting allows you to manage whether pages of the zone may download HTML fonts.
If you enable this policy setting, HTML fonts can be downloaded automatically. If you enable this policy setting and Prompt is selected in the drop-down box, users are queried whether to allow HTML fonts to download.
If you disable this policy setting, HTML fonts are prevented from downloading.
If you do not configure this policy setting, HTML fonts can be downloaded automatically.</string>
<string id="IZ_PolicyFontDownload_ExplainDefaultPrompt">This policy setting allows you to manage whether pages of the zone may download HTML fonts.
If you enable this policy setting, HTML fonts can be downloaded automatically. If you enable this policy setting and Prompt is selected in the drop-down box, users are queried whether to allow HTML fonts to download.
If you disable this policy setting, HTML fonts are prevented from downloading.
If you do not configure this policy setting, users are queried whether to allow HTML fonts to download.</string>
<string id="IZ_PolicyInstallDesktopItems">Allow installation of desktop items</string>
<string id="IZ_PolicyInstallDesktopItems_ExplainDefaultDisable">This policy setting allows you to manage whether users can install Active Desktop items from this zone. The settings for this option are: If you enable this policy setting, users can install desktop items from this zone automatically.
If you select Prompt in the drop-down box, users are queried to choose whether to install desktop items from this zone.
If you disable this policy setting, users are prevented from installing desktop items from this zone.
If you do not configure this policy setting, users are prevented from installing desktop items from this zone.</string>
<string id="IZ_PolicyInstallDesktopItems_ExplainDefaultEnable">This policy setting allows you to manage whether users can install Active Desktop items from this zone. The settings for this option are: If you enable this policy setting, users can install desktop items from this zone automatically.
If you select Prompt in the drop-down box, users are queried to choose whether to install desktop items from this zone.
If you disable this policy setting, users are prevented from installing desktop items from this zone.
If you do not configure this policy setting, users can install desktop items from this zone automatically.</string>
<string id="IZ_PolicyInstallDesktopItems_ExplainDefaultPrompt">This policy setting allows you to manage whether users can install Active Desktop items from this zone. The settings for this option are: If you enable this policy setting, users can install desktop items from this zone automatically.
If you select Prompt in the drop-down box, users are queried to choose whether to install desktop items from this zone.
If you disable this policy setting, users are prevented from installing desktop items from this zone.
If you do not configure this policy setting, users are queried to choose whether to install desktop items from this zone.</string>
<string id="IZ_PolicyInternetZoneLockdownTemplate">Locked-Down Internet Zone Template</string>
<string id="IZ_PolicyInternetZoneTemplate">Internet Zone Template</string>
<string id="IZ_PolicyIntranetZoneLockdownTemplate">Locked-Down Intranet Zone Template</string>
<string id="IZ_PolicyIntranetZoneTemplate">Intranet Zone Template</string>
<string id="IZ_PolicyJavaPermissions">Java permissions</string>
<string id="IZ_PolicyJavaPermissions_ExplainDefaultDisable">This policy setting allows you to manage permissions for Java applets.
If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.
Low Safety enables applets to perform all operations.
Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.
High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.
If you disable this policy setting, Java applets cannot run.
If you do not configure this policy setting, Java applets are disabled.</string>
<string id="IZ_PolicyJavaPermissions_ExplainDefaultHigh">This policy setting allows you to manage permissions for Java applets.
If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.
Low Safety enables applets to perform all operations.
Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.
High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.
If you disable this policy setting, Java applets cannot run.
If you do not configure this policy setting, the permission is set to High Safety.</string>
<string id="IZ_PolicyJavaPermissions_ExplainDefaultLow">This policy setting allows you to manage permissions for Java applets.
If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.
Low Safety enables applets to perform all operations.
Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.
High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.
If you disable this policy setting, Java applets cannot run.
If you do not configure this policy setting, the permission is set to Low Safety.</string>
<string id="IZ_PolicyJavaPermissions_ExplainDefaultMedium">This policy setting allows you to manage permissions for Java applets.
If you enable this policy setting, you can choose options from the drop-down box. Custom, to control permissions settings individually.
Low Safety enables applets to perform all operations.
Medium Safety enables applets to run in their sandbox (an area in memory outside of which the program cannot make calls), plus capabilities like scratch space (a safe and secure storage area on the client computer) and user-controlled file I/O.
High Safety enables applets to run in their sandbox. Disable Java to prevent any applets from running.
If you disable this policy setting, Java applets cannot run.
If you do not configure this policy setting, the permission is set to Medium Safety.</string>
<string id="IZ_PolicyLaunchAppsAndFilesInIFRAME">Launching applications and files in an IFRAME</string>
<string id="IZ_PolicyLaunchAppsAndFilesInIFRAME_ExplainDefaultDisable">This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages in this zone.
If you enable this policy setting, users can run applications and download files from IFRAMEs on the pages in this zone without user intervention. If you select Prompt in the drop-down box, users are queried to choose whether to run applications and download files from IFRAMEs on the pages in this zone.
If you disable this policy setting, users are prevented from running applications and downloading files from IFRAMEs on the pages in this zone.
If you do not configure this policy setting, users are prevented from running applications and downloading files from IFRAMEs on the pages in this zone.</string>
<string id="IZ_PolicyLaunchAppsAndFilesInIFRAME_ExplainDefaultEnable">This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages in this zone.
If you enable this policy setting, users can run applications and download files from IFRAMEs on the pages in this zone without user intervention. If you select Prompt in the drop-down box, users are queried to choose whether to run applications and download files from IFRAMEs on the pages in this zone.
If you disable this policy setting, users are prevented from running applications and downloading files from IFRAMEs on the pages in this zone.
If you do not configure this policy setting, users can run applications and download files from IFRAMEs on the pages in this zone without user intervention.</string>
<string id="IZ_PolicyLaunchAppsAndFilesInIFRAME_ExplainDefaultPrompt">This policy setting allows you to manage whether applications may be run and files may be downloaded from an IFRAME reference in the HTML of the pages in this zone.
If you enable this policy setting, users can run applications and download files from IFRAMEs on the pages in this zone without user intervention. If you select Prompt in the drop-down box, users are queried to choose whether to run applications and download files from IFRAMEs on the pages in this zone.
If you disable this policy setting, users are prevented from running applications and downloading files from IFRAMEs on the pages in this zone.
If you do not configure this policy setting, users are queried to choose whether to run applications and download files from IFRAMEs on the pages in this zone.</string>
<string id="IZ_PolicyLocalMachineZoneLockdownTemplate">Locked-Down Local Machine Zone Template</string>
<string id="IZ_PolicyLocalMachineZoneTemplate">Local Machine Zone Template</string>
<string id="IZ_PolicyLogon">Logon options</string>
<string id="IZ_PolicyLogon_ExplainDefaultAutomatic">This policy setting allows you to manage settings for logon options.
If you enable this policy setting, you can choose from the following logon options.
Anonymous logon to disable HTTP authentication and use the guest account only for the Common Internet File System (CIFS) protocol.
Prompt for user name and password to query users for user IDs and passwords. After a user is queried, these values can be used silently for the remainder of the session.
Automatic logon only in Intranet zone to query users for user IDs and passwords in other zones. After a user is queried, these values can be used silently for the remainder of the session.
Automatic logon with current user name and password to attempt logon using Windows NT Challenge Response (also known as NTLM authentication). If Windows NT Challenge Response is supported by the server, the logon uses the user's network user name and password for logon. If Windows NT Challenge Response is not supported by the server, the user is queried to provide the user name and password.
If you disable this policy setting, logon is set to Automatic logon only in Intranet zone.
If you do not configure this policy setting, logon is set to Automatic logon with current username and password.</string>
<string id="IZ_PolicyLogon_ExplainDefaultLogonInIntranet">This policy setting allows you to manage settings for logon options.
If you enable this policy setting, you can choose from the following logon options.
Anonymous logon to disable HTTP authentication and use the guest account only for the Common Internet File System (CIFS) protocol.
Prompt for user name and password to query users for user IDs and passwords. After a user is queried, these values can be used silently for the remainder of the session.
Automatic logon only in Intranet zone to query users for user IDs and passwords in other zones. After a user is queried, these values can be used silently for the remainder of the session.
Automatic logon with current user name and password to attempt logon using Windows NT Challenge Response (also known as NTLM authentication). If Windows NT Challenge Response is supported by the server, the logon uses the user's network user name and password for logon. If Windows NT Challenge Response is not supported by the server, the user is queried to provide the user name and password.
If you disable this policy setting, logon is set to Automatic logon only in Intranet zone.
If you do not configure this policy setting, logon is set to Automatic logon only in Intranet zone.</string>
<string id="IZ_PolicyLogon_ExplainDefaultPrompt">This policy setting allows you to manage settings for logon options.
If you enable this policy setting, you can choose from the following logon options.
Anonymous logon to disable HTTP authentication and use the guest account only for the Common Internet File System (CIFS) protocol.
Prompt for user name and password to query users for user IDs and passwords. After a user is queried, these values can be used silently for the remainder of the session.
Automatic logon only in Intranet zone to query users for user IDs and passwords in other zones. After a user is queried, these values can be used silently for the remainder of the session.
Automatic logon with current user name and password to attempt logon using Windows NT Challenge Response (also known as NTLM authentication). If Windows NT Challenge Response is supported by the server, the logon uses the user's network user name and password for logon. If Windows NT Challenge Response is not supported by the server, the user is queried to provide the user name and password.
If you disable this policy setting, logon is set to Automatic logon only in Intranet zone.
If you do not configure this policy setting, logon is set to Prompt for username and password.</string>
<string id="IZ_PolicyMimeSniffingURLaction">Enable MIME Sniffing</string>
<string id="IZ_PolicyMimeSniffingURLaction_ExplainDefaultDisable">This policy setting allows you to manage MIME sniffing for file promotion from one type to another based on a MIME sniff. A MIME sniff is the recognition by Internet Explorer of the file type based on a bit signature.
If you enable this policy setting, the MIME Sniffing Safety Feature will not apply in this zone. The security zone will run without the added layer of security provided by this feature.
If you disable this policy setting, the actions that may be harmful cannot run; this Internet Explorer security feature will be turned on in this zone, as dictated by the feature control setting for the process.
If you do not configure this policy setting, the actions that may be harmful cannot run; this Internet Explorer security feature will be turned on in this zone, as dictated by the feature control setting for the process.</string>
<string id="IZ_PolicyMimeSniffingURLaction_ExplainDefaultEnable">This policy setting allows you to manage MIME sniffing for file promotion from one type to another based on a MIME sniff. A MIME sniff is the recognition by Internet Explorer of the file type based on a bit signature.
If you enable this policy setting, the MIME Sniffing Safety Feature will not apply in this zone. The security zone will run without the added layer of security provided by this feature.
If you disable this policy setting, the actions that may be harmful cannot run; this Internet Explorer security feature will be turned on in this zone, as dictated by the feature control setting for the process.
If you do not configure this policy setting, the MIME Sniffing Safety Feature will not apply in this zone.</string>
<string id="IZ_PolicyDragDropAcrossDomainsWithinWindow">Enable dragging of content from different domains within a window</string>
<string id="IZ_PolicyDragDropAcrossDomainsWithinWindow_ExplainDefault">This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in the same window.
If you enable this policy setting and click Enable, users can drag content from one domain to a different domain when the source and destination are in the same window. Users cannot change this setting.
If you enable this policy setting and click Disable, users cannot drag content from one domain to a different domain when the source and destination are in the same window. Users cannot change this setting in the Internet Options dialog.
In Internet Explorer 10, if you disable this policy setting or do not configure it, users cannot drag content from one domain to a different domain when the source and destination are in the same window. Users can change this setting in the Internet Options dialog.
In Internet Explorer 9 and earlier versions, if you disable this policy setting or do not configure it, users can drag content from one domain to a different domain when the source and destination are in the same window. Users cannot change this setting in the Internet Options dialog.</string>
<string id="IZ_PolicyDragDropAcrossDomainsAcrossWindows">Enable dragging of content from different domains across windows</string>
<string id="IZ_PolicyDragDropAcrossDomainsAcrossWindows_ExplainDefault">This policy setting allows you to set options for dragging content from one domain to a different domain when the source and destination are in different windows.
If you enable this policy setting and click Enable, users can drag content from one domain to a different domain when the source and destination are in different windows. Users cannot change this setting.
If you enable this policy setting and click Disable, users cannot drag content from one domain to a different domain when both the source and destination are in different windows. Users cannot change this setting.
In Internet Explorer 10, if you disable this policy setting or do not configure it, users cannot drag content from one domain to a different domain when the source and destination are in different windows. Users can change this setting in the Internet Options dialog.
In Internet Explorer 9 and earlier versions, if you disable this policy or do not configure it, users can drag content from one domain to a different domain when the source and destination are in different windows. Users cannot change this setting.</string>
<string id="IZ_PolicyNavigateSubframesAcrossDomains">Navigate windows and frames across different domains</string>
<string id="IZ_PolicyNavigateSubframesAcrossDomains_ExplainDefaultDisable">This policy setting allows you to manage the opening of windows and frames and access of applications across different domains.
If you enable this policy setting, users can open additional windows and frames from other domains and access applications from other domains. If you select Prompt in the drop-down box, users are queried whether to allow additional windows and frames to access applications from other domains.
If you disable this policy setting, users cannot open other windows and frames from other domains or access applications from different domains.
If you do not configure this policy setting, users cannot open other windows and frames from different domains or access applications from different domains.</string>
<string id="IZ_PolicyNavigateSubframesAcrossDomains_ExplainDefaultEnable">This policy setting allows you to manage the opening of windows and frames and access of applications across different domains.
If you enable this policy setting, users can open windows and frames from othe domains and access applications from other domains. If you select Prompt in the drop-down box, users are queried whether to allow windows and frames to access applications from other domains.
If you disable this policy setting, users cannot open windows and frames to access applications from different domains.
If you do not configure this policy setting, users can open windows and frames from othe domains and access applications from other domains.</string>
<string id="IZ_PolicyNetworkProtocolLockdown">Allow active content over restricted protocols to access my computer</string>
<string id="IZ_PolicyNetworkProtocolLockdown_ExplainDefaultDisable">This policy setting allows you to manage whether a resource hosted on an admin-restricted protocol in the Trusted Sites Zone can run active content such as script, ActiveX, Java and Binary Behaviors. The list of restricted protocols may be set in the Trusted Sites Zone Restricted Protocols section under Network Protocol Lockdown policy.
If you enable this policy setting, no Trusted Sites Zone content accessed is affected, even for protocols on the restricted list. If you select Prompt from the drop-down box, the Notification bar will appear to allow control over questionable content accessed over any restricted protocols; content over other protocols is unaffected.
If you disable this policy setting, all attempts to access such content over the restricted protocols is blocked.
If you do not configure this policy setting, all attempts to access such content over the restricted protocols is blocked when the Network Protocol Lockdown security feature is enabled.</string>
<string id="IZ_PolicyNetworkProtocolLockdown_ExplainDefaultPrompt">This policy setting allows you to manage whether a resource hosted on an admin-restricted protocol in the Intranet Zone can run active content such as script, ActiveX, Java and Binary Behaviors. The list of restricted protocols may be set in the Intranet Zone Restricted Protocols section under Network Protocol Lockdown policy.
If you enable this policy setting, no Intranet Zone content accessed is affected, even for protocols on the restricted list. If you select Prompt from the drop-down box, the Notification bar will appear to allow control over questionable content accessed over any restricted protocols; content over other protocols is unaffected.
If you disable this policy setting, all attempts to access such content over the restricted protocols is blocked.
If you do not configure this policy setting, the Notification bar will appear to allow control over questionable content accessed over any restricted protocols when the Network Protocol Lockdown security feature is enabled.</string>
<string id="IZ_PolicyNoPromptForOneOrNoClientCertificate">Do not prompt for client certificate selection when no certificates or only one certificate exists.</string>
<string id="IZ_PolicyNoPromptForOneOrNoClientCertificate_ExplainDefaultDisable">This policy setting allows you to manage whether users are prompted to select a certificate when no certificate or only one certificate exists.
If you enable this policy setting, Internet Explorer does not prompt users with a "Client Authentication" message when they connect to a Web site that has no certificate or only one certificate.
If you disable this policy setting, Internet Explorer prompts users with a "Client Authentication" message when they connect to a Web site that has no certificate or only one certificate.
If you do not configure this policy setting, Internet Explorer prompts users with a Client Authentication message when they connect to a Web site that has no certificate or only one certificate.</string>
<string id="IZ_PolicyNoPromptForOneOrNoClientCertificate_ExplainDefaultEnable">This policy setting allows you to manage whether users are prompted to select a certificate when no certificate or only one certificate exists.
If you enable this policy setting, Internet Explorer does not prompt users with a "Client Authentication" message when they connect to a Web site that has no certificate or only one certificate.
If you disable this policy setting, Internet Explorer prompts users with a "Client Authentication" message when they connect to a Web site that has no certificate or only one certificate.
If you do not configure this policy setting, Internet Explorer does not prompt users with a "Client Authentication" message when they connect to a Web site that has no certificate or only one certificate.</string>
<string id="IZ_PolicyNotificationBarActiveXURLaction">Automatic prompting for ActiveX controls</string>
<string id="IZ_PolicyNotificationBarActiveXURLaction_ExplainDefaultDisable">This policy setting manages whether users will be automatically prompted for ActiveX control installations.
If you enable this policy setting, users will receive a prompt when a site instantiates an ActiveX control they do not have installed.
If you disable this policy setting, ActiveX control installations will be blocked using the Notification bar. Users can click on the Notification bar to allow the ActiveX control prompt.
If you do not configure this policy setting, ActiveX control installations will be blocked using the Notification bar. Users can click on the Notification bar to allow the ActiveX control prompt.</string>
<string id="IZ_PolicyNotificationBarActiveXURLaction_ExplainDefaultEnable">This policy setting manages whether users will be automatically prompted for ActiveX control installations.
If you enable this policy setting, users will receive a prompt when a site instantiates an ActiveX control they do not have installed.
If you disable this policy setting, ActiveX control installations will be blocked using the Notification bar. Users can click on the Notification bar to allow the ActiveX control prompt.
If you do not configure this policy setting, users will receive a prompt when a site instantiates an ActiveX control they do not have installed.</string>
<string id="IZ_PolicyNotificationBarDownloadURLaction">Automatic prompting for file downloads</string>
<string id="IZ_PolicyNotificationBarDownloadURLaction_ExplainDefaultDisable">This policy setting determines whether users will be prompted for non user-initiated file downloads. Regardless of this setting, users will receive file download dialogs for user-initiated downloads.
If you enable this setting, users will receive a file download dialog for automatic download attempts.
If you disable or do not configure this setting, file downloads that are not user-initiated will be blocked, and users will see the Notification bar instead of the file download dialog. Users can then click the Notification bar to allow the file download prompt.</string>
<string id="IZ_PolicyNotificationBarDownloadURLaction_ExplainDefaultEnable">This policy setting determines whether users will be prompted for non user-initiated file downloads. Regardless of this setting, users will receive file download dialogs for user-initiated downloads.
If you enable this setting, users will receive a file download dialog for automatic download attempts.
If you disable or do not configure this setting, users will receive a file download dialog for automatic download attempts.</string>
<string id="IZ_PolicyRestrictedSitesZoneLockdownTemplate">Locked-Down Restricted Sites Zone Template</string>
<string id="IZ_PolicyRestrictedSitesZoneTemplate">Restricted Sites Zone Template</string>
<string id="IZ_PolicyRunActiveXControls">Run ActiveX controls and plugins</string>
<string id="IZ_PolicyRunActiveXControls_ExplainDefaultDisable">This policy setting allows you to manage whether ActiveX controls and plug-ins can be run on pages from the specified zone.
If you enable this policy setting, controls and plug-ins can run without user intervention.
If you selected Prompt in the drop-down box, users are asked to choose whether to allow the controls or plug-in to run.
If you disable this policy setting, controls and plug-ins are prevented from running.
If you do not configure this policy setting, controls and plug-ins are prevented from running.</string>
<string id="IZ_PolicyRunActiveXControls_ExplainDefaultEnable">This policy setting allows you to manage whether ActiveX controls and plug-ins can be run on pages from the specified zone.
If you enable this policy setting, controls and plug-ins can run without user intervention.
If you selected Prompt in the drop-down box, users are asked to choose whether to allow the controls or plug-in to run.
If you disable this policy setting, controls and plug-ins are prevented from running.
If you do not configure this policy setting, controls and plug-ins can run without user intervention.</string>
<string id="IZ_PolicyScriptActiveXMarkedSafe">Script ActiveX controls marked safe for scripting</string>
<string id="IZ_PolicyScriptActiveXMarkedSafe_ExplainDefaultDisable">This policy setting allows you to manage whether an ActiveX control marked safe for scripting can interact with a script.
If you enable this policy setting, script interaction can occur automatically without user intervention.
If you select Prompt in the drop-down box, users are queried to choose whether to allow script interaction.
If you disable this policy setting, script interaction is prevented from occurring.
If you do not configure this policy setting, script interaction is prevented from occurring.</string>
<string id="IZ_PolicyScriptActiveXMarkedSafe_ExplainDefaultEnable">This policy setting allows you to manage whether an ActiveX control marked safe for scripting can interact with a script.
If you enable this policy setting, script interaction can occur automatically without user intervention.
If you select Prompt in the drop-down box, users are queried to choose whether to allow script interaction.
If you disable this policy setting, script interaction is prevented from occurring.
If you do not configure this policy setting, script interaction can occur automatically without user intervention.</string>
<string id="IZ_PolicyAntiMalwareCheckingOfActiveXControls">Don't run antimalware programs against ActiveX controls</string>
<string id="IZ_PolicyAntiMalwareCheckingOfActiveXControls_ExplainDefaultEnable">This policy setting determines whether Internet Explorer runs antimalware programs against ActiveX controls, to check if they're safe to load on pages.
If you enable this policy setting, Internet Explorer won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control.
If you disable this policy setting, Internet Explorer always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control.
If you don't configure this policy setting, Internet Explorer always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using Internet Explorer Security settings.</string>
<string id="IZ_PolicyAntiMalwareCheckingOfActiveXControls_ExplainDefaultDisable">This policy setting determines whether Internet Explorer runs antimalware programs against ActiveX controls, to check if they're safe to load on pages.
If you enable this policy setting, Internet Explorer won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control.
If you disable this policy setting, Internet Explorer always checks with your antimalware program to see if it's safe to create an instance of the ActiveX control.
If you don't configure this policy setting, Internet Explorer won't check with your antimalware program to see if it's safe to create an instance of the ActiveX control. Users can turn this behavior on or off, using Internet Explorer Security settings.</string>
<string id="IZ_PolicyScriptActiveXNotMarkedSafe">Initialize and script ActiveX controls not marked as safe</string>
<string id="IZ_PolicyScriptActiveXNotMarkedSafe_ExplainDefaultDisable">This policy setting allows you to manage ActiveX controls not marked as safe.
If you enable this policy setting, ActiveX controls are run, loaded with parameters, and scripted without setting object safety for untrusted data or scripts. This setting is not recommended, except for secure and administered zones. This setting causes both unsafe and safe controls to be initialized and scripted, ignoring the Script ActiveX controls marked safe for scripting option.
If you enable this policy setting and select Prompt in the drop-down box, users are queried whether to allow the control to be loaded with parameters or scripted.
If you disable this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted.
If you do not configure this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted.</string>
<string id="IZ_PolicyScriptActiveXNotMarkedSafe_ExplainDefaultPrompt">This policy setting allows you to manage ActiveX controls not marked as safe.
If you enable this policy setting, ActiveX controls are run, loaded with parameters, and scripted without setting object safety for untrusted data or scripts. This setting is not recommended, except for secure and administered zones. This setting causes both unsafe and safe controls to be initialized and scripted, ignoring the Script ActiveX controls marked safe for scripting option.
If you enable this policy setting and select Prompt in the drop-down box, users are queried whether to allow the control to be loaded with parameters or scripted.
If you disable this policy setting, ActiveX controls that cannot be made safe are not loaded with parameters or scripted.
If you do not configure this policy setting, users are queried whether to allow the control to be loaded with parameters or scripted.</string>
<string id="IZ_PolicyScriptingOfJavaApplets">Scripting of Java applets</string>
<string id="IZ_PolicyScriptingOfJavaApplets_ExplainDefaultDisable">This policy setting allows you to manage whether applets are exposed to scripts within the zone.
If you enable this policy setting, scripts can access applets automatically without user intervention.
If you select Prompt in the drop-down box, users are queried to choose whether to allow scripts to access applets.
If you disable this policy setting, scripts are prevented from accessing applets.
If you do not configure this policy setting, scripts are prevented from accessing applets.</string>
<string id="IZ_PolicyScriptingOfJavaApplets_ExplainDefaultEnable">This policy setting allows you to manage whether applets are exposed to scripts within the zone.
If you enable this policy setting, scripts can access applets automatically without user intervention.
If you select Prompt in the drop-down box, users are queried to choose whether to allow scripts to access applets.
If you disable this policy setting, scripts are prevented from accessing applets.
If you do not configure this policy setting, scripts can access applets automatically without user intervention.</string>
<string id="IZ_PolicySignedFrameworkComponentsURLaction">Run .NET Framework-reliant components signed with Authenticode</string>
<string id="IZ_PolicySignedFrameworkComponentsURLaction_ExplainDefaultDisable">This policy setting allows you to manage whether .NET Framework components that are signed with Authenticode can be executed from Internet Explorer. These components include managed controls referenced from an object tag and managed executables referenced from a link.
If you enable this policy setting, Internet Explorer will execute signed managed components. If you select Prompt in the drop-down box, Internet Explorer will prompt the user to determine whether to execute signed managed components.
If you disable this policy setting, Internet Explorer will not execute signed managed components.
If you do not configure this policy setting, Internet Explorer will not execute signed managed components.</string>
<string id="IZ_PolicySignedFrameworkComponentsURLaction_ExplainDefaultEnable">This policy setting allows you to manage whether .NET Framework components that are signed with Authenticode can be executed from Internet Explorer. These components include managed controls referenced from an object tag and managed executables referenced from a link.
If you enable this policy setting, Internet Explorer will execute signed managed components. If you select Prompt in the drop-down box, Internet Explorer will prompt the user to determine whether to execute signed managed components.
If you disable this policy setting, Internet Explorer will not execute signed managed components.
If you do not configure this policy setting, Internet Explorer will execute signed managed components.</string>
<string id="IZ_PolicySoftwareChannelPermissions">Software channel permissions</string>
<string id="IZ_PolicySoftwareChannelPermissions_ExplainDefaultHigh">This policy setting allows you to manage software channel permissions.
If you enable this policy setting, you can choose the following options from the drop-down box.
Low safety to allow users to be notified of software updates by e-mail, software packages to be automatically downloaded to users' computers, and software packages to be automatically installed on users' computers.
Medium safety to allow users to be notified of software updates by e-mail and software packages to be automatically downloaded to (but not installed on) users' computers.
High safety to prevent users from being notified of software updates by e-mail, software packages from being automatically downloaded to users' computers, and software packages from being automatically installed on users' computers.
If you disable this policy setting, permissions are set to high safety.
If you do not configure this policy setting, permissions are set to High safety.</string>
<string id="IZ_PolicySoftwareChannelPermissions_ExplainDefaultLow">This policy setting allows you to manage software channel permissions.
If you enable this policy setting, you can choose the following options from the drop-down box.
Low safety to allow users to be notified of software updates by e-mail, software packages to be automatically downloaded to users' computers, and software packages to be automatically installed on users' computers.
Medium safety to allow users to be notified of software updates by e-mail and software packages to be automatically downloaded to (but not installed on) users' computers.
High safety to prevent users from being notified of software updates by e-mail, software packages from being automatically downloaded to users' computers, and software packages from being automatically installed on users' computers.
If you disable this policy setting, permissions are set to high safety.
If you do not configure this policy setting, permissions are set to Low safety.</string>
<string id="IZ_PolicySoftwareChannelPermissions_ExplainDefaultMedium">This policy setting allows you to manage software channel permissions.
If you enable this policy setting, you can choose the following options from the drop-down box.
Low safety to allow users to be notified of software updates by e-mail, software packages to be automatically downloaded to users' computers, and software packages to be automatically installed on users' computers.
Medium safety to allow users to be notified of software updates by e-mail and software packages to be automatically downloaded to (but not installed on) users' computers.
High safety to prevent users from being notified of software updates by e-mail, software packages from being automatically downloaded to users' computers, and software packages from being automatically installed on users' computers.
If you disable this policy setting, permissions are set to high safety.
If you do not configure this policy setting, permissions are set to Medium safety.</string>
<string id="IZ_PolicySubmitNonencryptedFormData">Submit non-encrypted form data</string>
<string id="IZ_PolicySubmitNonencryptedFormData_ExplainDefaultEnable">This policy setting allows you to manage whether data on HTML forms on pages in the zone may be submitted. Forms sent with SSL (Secure Sockets Layer) encryption are always allowed; this setting only affects non-SSL form data submission.
If you enable this policy setting, information using HTML forms on pages in this zone can be submitted automatically. If you select Prompt in the drop-down box, users are queried to choose whether to allow information using HTML forms on pages in this zone to be submitted.
If you disable this policy setting, information using HTML forms on pages in this zone is prevented from being submitted.
If you do not configure this policy setting, information using HTML forms on pages in this zone can be submitted automatically.</string>
<string id="IZ_PolicySubmitNonencryptedFormData_ExplainDefaultPrompt">This policy setting allows you to manage whether data on HTML forms on pages in the zone may be submitted. Forms sent with SSL (Secure Sockets Layer) encryption are always allowed; this setting only affects non-SSL form data submission.
If you enable this policy setting, information using HTML forms on pages in this zone can be submitted automatically. If you select Prompt in the drop-down box, users are queried to choose whether to allow information using HTML forms on pages in this zone to be submitted.
If you disable this policy setting, information using HTML forms on pages in this zone is prevented from being submitted.
If you do not configure this policy setting, users are queried to choose whether to allow information using HTML forms on pages in this zone to be submitted.</string>
<string id="IZ_PolicyTrustedSitesZoneLockdownTemplate">Locked-Down Trusted Sites Zone Template</string>
<string id="IZ_PolicyTrustedSitesZoneTemplate">Trusted Sites Zone Template</string>
<string id="IZ_PolicyUnsignedFrameworkComponentsURLaction">Run .NET Framework-reliant components not signed with Authenticode</string>
<string id="IZ_PolicyUnsignedFrameworkComponentsURLaction_ExplainDefaultDisable">This policy setting allows you to manage whether .NET Framework components that are not signed with Authenticode can be executed from Internet Explorer. These components include managed controls referenced from an object tag and managed executables referenced from a link.
If you enable this policy setting, Internet Explorer will execute unsigned managed components. If you select Prompt in the drop-down box, Internet Explorer will prompt the user to determine whether to execute unsigned managed components.
If you disable this policy setting, Internet Explorer will not execute unsigned managed components.
If you do not configure this policy setting, Internet Explorer will not execute unsigned managed components.</string>
<string id="IZ_PolicyUnsignedFrameworkComponentsURLaction_ExplainDefaultEnable">This policy setting allows you to manage whether .NET Framework components that are not signed with Authenticode can be executed from Internet Explorer. These components include managed controls referenced from an object tag and managed executables referenced from a link.
If you enable this policy setting, Internet Explorer will execute unsigned managed components. If you select Prompt in the drop-down box, Internet Explorer will prompt the user to determine whether to execute unsigned managed components.
If you disable this policy setting, Internet Explorer will not execute unsigned managed components.
If you do not configure this policy setting, Internet Explorer will execute unsigned managed components.</string>
<string id="IZ_PolicyUserdataPersistence">Userdata persistence</string>
<string id="IZ_PolicyUserdataPersistence_ExplainDefaultDisable">This policy setting allows you to manage the preservation of information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. When a user returns to a persisted page, the state of the page can be restored if this policy setting is appropriately configured.
If you enable this policy setting, users can preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk.
If you disable this policy setting, users cannot preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk.
If you do not configure this policy setting, users cannot preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk.</string>
<string id="IZ_PolicyUserdataPersistence_ExplainDefaultEnable">This policy setting allows you to manage the preservation of information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk. When a user returns to a persisted page, the state of the page can be restored if this policy setting is appropriately configured.
If you enable this policy setting, users can preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk.
If you disable this policy setting, users cannot preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk.
If you do not configure this policy setting, users can preserve information in the browser's history, in favorites, in an XML store, or directly within a Web page saved to disk.</string>
<string id="IZ_PolicyWindowsRestrictionsURLaction">Allow script-initiated windows without size or position constraints</string>
<string id="IZ_PolicyWindowsRestrictionsURLaction_ExplainDefaultDisable">This policy setting allows you to manage restrictions on script-initiated pop-up windows and windows that include the title and status bars.
If you enable this policy setting, Windows Restrictions security will not apply in this zone. The security zone runs without the added layer of security provided by this feature.
If you disable this policy setting, the possible harmful actions contained in script-initiated pop-up windows and windows that include the title and status bars cannot be run. This Internet Explorer security feature will be on in this zone as dictated by the Scripted Windows Security Restrictions feature control setting for the process.
If you do not configure this policy setting, the possible harmful actions contained in script-initiated pop-up windows and windows that include the title and status bars cannot be run. This Internet Explorer security feature will be on in this zone as dictated by the Scripted Windows Security Restrictions feature control setting for the process.</string>
<string id="IZ_PolicyWindowsRestrictionsURLaction_ExplainDefaultEnable">This policy setting allows you to manage restrictions on script-initiated pop-up windows and windows that include the title and status bars.
If you enable this policy setting, Windows Restrictions security will not apply in this zone. The security zone runs without the added layer of security provided by this feature.
If you disable this policy setting, the possible harmful actions contained in script-initiated pop-up windows and windows that include the title and status bars cannot be run. This Internet Explorer security feature will be on in this zone as dictated by the Scripted Windows Security Restrictions feature control setting for the process.
If you do not configure this policy setting, Windows Restrictions security will not apply in this zone. The security zone runs without the added layer of security provided by this feature.</string>
<string id="IZ_PolicyZoneElevationURLaction">Web sites in less privileged Web content zones can navigate into this zone</string>
<string id="IZ_PolicyZoneElevationURLaction_ExplainDefaultDisable">This policy setting allows you to manage whether Web sites from less privileged zones, such as Internet sites, can navigate into this zone.
If you enable this policy setting, Web sites from less privileged zones can open new windows in, or navigate into, this zone. The security zone will run without the added layer of security that is provided by the Protection from Zone Elevation security feature. If you select Prompt in the drop-down box, a warning is issued to the user that potentially risky navigation is about to occur.
If you disable this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control.
If you do not configure this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control.</string>
<string id="IZ_PolicyZoneElevationURLaction_ExplainDefaultEnable">This policy setting allows you to manage whether Web sites from less privileged zones, such as Restricted Sites, can navigate into this zone.
If you enable this policy setting, Web sites from less privileged zones can open new windows in, or navigate into, this zone. The security zone will run without the added layer of security that is provided by the Protection from Zone Elevation security feature. If you select Prompt in the drop-down box, a warning is issued to the user that potentially risky navigation is about to occur.
If you disable this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control.
If you do not configure this policy setting, Web sites from less privileged zones can open new windows in, or navigate into, this zone.</string>
<string id="IZ_PolicyZoneElevationURLaction_ExplainDefaultPrompt">This policy setting allows you to manage whether Web sites from less privileged zones, such as Restricted Sites, can navigate into this zone.
If you enable this policy setting, Web sites from less privileged zones can open new windows in, or navigate into, this zone. The security zone will run without the added layer of security that is provided by the Protection from Zone Elevation security feature. If you select Prompt in the drop-down box, a warning is issued to the user that potentially risky navigation is about to occur.
If you disable this policy setting, the possibly harmful navigations are prevented. The Internet Explorer security feature will be on in this zone as set by Protection from Zone Elevation feature control.
If you do not configure this policy setting, a warning is issued to the user that potentially risky navigation is about to occur.</string>
<string id="IZ_ProxyByPass">Intranet Sites: Include all sites that bypass the proxy server</string>
<string id="IZ_RestrictedSitesZone">Restricted Sites Zone</string>
<string id="IZ_RestrictedSitesZoneLockdown">Locked-Down Restricted Sites Zone</string>
<string id="IZ_RestrictedSitesZoneLockdown_Explain">The settings in this zone apply only if the Restricted Zone is in 'lockdown' mode, such as when the Network Protocol Lockdown security feature is in effect. If the zone is locked down, these URL action settings do not override the standard Restricted Zone settings, but are compared against them. If the settings for that URL action in the two zones are the same, then that setting is used. Otherwise, the relevant behavior is strictly blocked, preventing the zone from operating with the standard (non-lockdown) zone's setting.</string>
<string id="IZ_SecurityPage">Security Page</string>
<string id="IZ_SecurityPageExplain">If you enable any policies for the security page, it is strongly recommended that you also configure policy to disable the security page from being presented in the UI to prevent users from believing that they can change their security settings.
You can disable the security page using the policy located at Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\.</string>
<string id="IZ_TrustedSitesZone">Trusted Sites Zone</string>
<string id="IZ_TrustedSitesZoneLockdown">Locked-Down Trusted Sites Zone</string>
<string id="IZ_TrustedSitesZoneLockdown_Explain">The settings in this zone apply only if the Trusted Zone is in 'lockdown' mode, such as when the Network Protocol Lockdown security feature is in effect. If the zone is locked down, these URL action settings do not override the standard Trusted Zone settings, but are compared against them. If the settings for that URL action in the two zones are the same, then that setting is used. Otherwise, the user is presented with a Notification bar, and may allow the zone to operate with the standard (non-lockdown) zone's setting.</string>
<string id="IZ_UNCAsIntranet">Intranet Sites: Include all network paths (UNCs)</string>
<string id="IZ_Zonemaps">Site to Zone Assignment List</string>
<string id="LinkColor_Explain">This policy setting prevents the user from specifying the color of webpage links that he or she has not yet clicked. Appropriate color choices can make links easier to see for some users, especially those who use high-contrast color schemes.
If you enable this policy setting, the user cannot specify the color of links not yet clicked in Internet Explorer. You must specify the link color (for example: 192,192,192).
If you disable or do not configure this policy setting, the user can specify the color of links not yet clicked.</string>
<string id="LinkColorPol">Prevent specifying the color of links that have not yet been clicked</string>
<string id="LinkColors">Link Colors</string>
<string id="LinkColorVisited_Explain">This policy setting prevents the user from specifying the color of webpage links that he or she has already clicked. Appropriate color choices can make links easier to see for some users, especially those who use high-contrast color schemes.
If you enable this policy setting, the user cannot specify the color of links already clicked in Internet Explorer. You must specify the link color (for example: 192,192,192).
If you disable or do not configure this policy setting, the user can specify the color of links already clicked.</string>
<string id="LinkColorVisitedPol">Prevent specifying the color of links that have already been clicked</string>
<string id="ManualPhishing">Manual</string>
<string id="MaxSubscription">Subscription Limits</string>
<string id="MaxWebcrawlDepth0">0</string>
<string id="MaxWebcrawlDepth1">1</string>
<string id="MaxWebcrawlDepth2">2</string>
<string id="MaxWebcrawlDepth3">3</string>
<string id="MediaSettings">Configure Media Explorer Bar</string>
<string id="Menu_Controls">Menu Controls</string>
<string id="Menus">Browser menus</string>
<string id="Microsoft_Agent">Microsoft Agent</string>
<string id="Microsoft_Chat">Microsoft Chat</string>
<string id="MSNBC">MSNBC</string>
<string id="Multimedia">Multimedia</string>
<string id="NetShowFile">NetShow File Transfer Control</string>
<string id="Never">Never</string>
<string id="New">Open in a new Internet Explorer window</string>
<string id="NoAddingChannels">Disable adding channels</string>
<string id="NoAddingSubscriptions">Disable adding schedules for offline pages</string>
<string id="NoAutomaticSignup">Turn on automatic signup</string>
<string id="NoAutomaticSignup_Explain">This policy setting allows Internet Explorer to be started automatically to complete the signup process after the branding is complete for Internet service providers (ISPs) through the Internet Explorer Administration Kit (IEAK).
If you enable this policy setting, Internet Explorer is started automatically to complete the signup process after the branding is complete for ISPs (IEAK). The user cannot change this behavior.
If you disable this policy setting, Internet Explorer is not started automatically to complete the signup process after the branding is complete for ISPs (IEAK). The user cannot change this behavior.
If you do not configure this policy setting, the user can decide whether to start Internet Explorer automatically to complete the signup process after the branding is complete for ISPs (IEAK).</string>
<string id="NoBandCustomize">Disable customizing browser toolbars</string>
<string id="NoBrowserContextMenu">Turn off Shortcut Menu</string>
<string id="NoCertError">Prevent ignoring certificate errors</string>
<string id="NoChannelLogging">Disable offline page hit logging</string>
<string id="NoChannelUI">Disable channel user interface completely</string>
<string id="NoDelBrowsingHistory">Prevent access to Delete Browsing History</string>
<string id="NoDelForms">Prevent deleting form data</string>
<string id="NoDelPasswords">Prevent deleting passwords</string>
<string id="NoEditingScheduleGroups">Disable editing and creating of schedule groups</string>
<string id="NoEditingSubscriptions">Disable editing schedules for offline pages</string>
<string id="NoFavorites">Hide Favorites menu</string>
<string id="NoFirstRunCustomise">Prevent running First Run wizard</string>
<string id="NoHelpMenu">Prevent access to Internet Explorer Help</string>
<string id="NoIESearchBox">Prevent Internet Explorer Search box from appearing</string>
<string id="NoJITSetup">Disable Automatic Install of Internet Explorer components</string>
<string id="NoOpeninNewWnd">Disable Open in New Window menu option</string>
<string id="NoQuickTabs">Turn off Quick Tabs functionality</string>
<string id="NoRemovingChannels">Disable removing channels</string>
<string id="NoRemovingSubscriptions">Disable removing schedules for offline pages</string>
<string id="NoScheduledUpdates">Disable all scheduled offline pages</string>
<string id="NoSearchProvider">Prevent changing the default search provider</string>
<string id="NoSelectDownloadDir">Disable Save this program to disk option</string>
<string id="NoSplash">Disable showing the splash screen</string>
<string id="NoSubscriptionContent">Disable downloading of site subscription content</string>
<string id="NoTabBrowsing">Turn off tabbed browsing</string>
<string id="NoTabBrowsingPopups">Turn off configuration of pop-up windows in tabbed browsing</string>
<string id="NoToolbarCustomize">Disable customizing browser toolbar buttons</string>
<string id="NoUpdateCheck">Disable Periodic Check for Internet Explorer software updates</string>
<string id="NoWindowReuse">Prevent configuration of how windows open</string>
<string id="OESettings">Configure Outlook Express</string>
<string id="PageTransitions">Turn off page transitions</string>
<string id="PageTransitions_Explain">This policy setting specifies if, as you move from one Web page to another, Internet Explorer fades out of the page you are leaving and fades into the page to which you are going.
If you enable this policy setting, page transitions will be turned off. The user cannot change this behavior.
If you disable this policy setting, page transitions will be turned on. The user cannot change this behavior.
If you do not configure this policy setting, the user can turn on or off page transitions.
This feature only applies to versions of Internet Explorer up to and including Internet Explorer 8.</string>
<string id="Persistence">Persistence Behavior</string>
<string id="Persistence_FileLimits0">File size limits for Local Machine zone</string>
<string id="Persistence_FileLimits1">File size limits for Intranet zone</string>
<string id="Persistence_FileLimits2">File size limits for Trusted Sites zone</string>
<string id="Persistence_FileLimits3">File size limits for Internet zone</string>
<string id="Persistence_FileLimits4">File size limits for Restricted Sites zone</string>
<string id="PhishingOff">Off</string>
<string id="PhishingOn">On</string>
<string id="PopupBlocker_AllowList">Pop-up allow list</string>
<string id="Printing">Printing</string>
<string id="Printing_Explain">This policy setting specifies whether Internet Explorer prints background colors and images when the user prints a webpage. Including background colors and images might reduce the speed at which a page is printed and the quality of the printing, depending on the capabilities of the printer.
If you enable this policy setting, the printing of background colors and images is turned on. The user cannot turn it off.
If you disable this policy setting, the printing of background colors and images is turned off. The user cannot turn it on.
If you do not configure this policy setting, the user can turn on or turn off the printing of background colors and images.</string>
<string id="RestrictAccessibility">Disable changing accessibility settings</string>
<string id="RestrictAutoconfig">Disable changing Automatic Configuration settings</string>
<string id="RestrictAutoImageResize">Turn off automatic image resizing</string>
<string id="RestrictAutoImageResize_Explain">This policy setting specifies that you want Internet Explorer to automatically resize large images so that they fit in the browser window.
If you enable this policy setting, automatic image resizing is turned off. The user cannot change this setting.
If you disable this policy setting, automatic image resizing is turned on. The user cannot change this setting.
If you do not configure this policy setting, the user can turn on or off automatic image resizing.</string>
<string id="RestrictCache">Disable changing Temporary Internet files settings</string>
<string id="RestrictCalendarContact">Disable changing Calendar and Contact settings</string>
<string id="RestrictCertificates">Disable changing certificate settings</string>
<string id="RestrictCheckBrowser">Disable changing default browser check</string>
<string id="NotifyNotDefaultBrowser">Notify users if Internet Explorer is not the default web browser</string>
<string id="RestrictColors">Disable changing color settings</string>
<string id="RestrictConnectionSettings">Disable changing connection settings</string>
<string id="RestrictConnectionWizard">Disable Internet Connection wizard</string>
<string id="RestrictFonts">Disable changing font settings</string>
<string id="RestrictFormSuggest">Disable AutoComplete for forms</string>
<string id="RestrictFormSuggestPW">Turn on the auto-complete feature for user names and passwords on forms</string>
<string id="RestrictHistory">Disable "Configuring History"</string>
<string id="RestrictHomePage">Disable changing home page settings</string>
<string id="RestrictLanguages">Disable changing language settings</string>
<string id="RestrictLinks">Disable changing link color settings</string>
<string id="RestrictMessaging">Disable changing Messaging settings</string>
<string id="RestrictPopupExceptionList">Prevent managing pop-up exception list</string>
<string id="RestrictPopupManagement">Turn off pop-up management</string>
<string id="RestrictProfiles">Disable changing Profile Assistant settings</string>
<string id="RestrictProxy">Prevent changing proxy settings</string>
<string id="RestrictRatings">Disable changing ratings settings</string>
<string id="RestrictResetWebSettings">Disable the Reset Web Settings feature</string>
<string id="RestrictSettings">Prevent the deletion of temporary Internet files and cookies</string>
<string id="RestrictWebAddressSuggest">Turn off the auto-complete feature for web addresses</string>
<string id="RestrictWSAutoComplete">Turn off Windows Search AutoComplete</string>
<string id="RestrictDomainSuggestion">Turn off URL Suggestions</string>
<string id="RSS_Feeds">RSS Feeds</string>
<string id="ScriptErrorCache">Turn on the display of script errors</string>
<string id="ScriptErrorCache_Explain">This policy setting specifies whether to display script errors when a page does not appear properly because of problems with its scripting. This feature is off by default, but it is useful to developers when they are testing webpages.
If you enable this policy setting, the user is shown script errors when a page does not appear properly because of problems with its scripting. The user cannot change this policy setting.
If you disable this policy setting, the user is not shown script errors when a page does not appear properly because of problems with its scripting. The user cannot change this policy setting.
If you do not configure this policy setting, the user can turn on or turn off the display of script errors.</string>
<string id="Scriptlet">Microsoft Scriptlet Component</string>
<string id="ScriptPaste">Clipboard access</string>
<string id="Search_NoFindFiles">Search: Disable Find Files via F3 within the browser</string>
<string id="Search_NoSearchCustomization">Search: Disable Search Customization</string>
<string id="Searching">Searching</string>
<string id="Security_HKLM_only">Security Zones: Use only machine settings </string>
<string id="Security_options_edit">Security Zones: Do not allow users to change policies</string>
<string id="Security_zones_map_edit">Security Zones: Do not allow users to add/delete sites</string>
<string id="SecurityFeatures">Security Features</string>
<string id="SecurityPage_AutoDetect">Turn on automatic detection of intranet</string>
<string id="SecurityPage_WarnOnIntranet">Turn on Notification bar notification for intranet content</string>
<string id="ShellNotifications">Disable software update shell notifications on program launch</string>
<string id="ShowPictures">Turn off image display</string>
<string id="ShowPictures_Explain">This policy setting specifies whether graphical images are included when pages are displayed.
Sometimes, pages that contain several graphical images are displayed very slowly. If you want to display pages more quickly, you can turn off image display.
If you enable this policy setting, images do not appear. The user cannot turn on image display. However, the user can still display an individual image by right-clicking the icon that represents the image and then clicking Show Picture. The "Allow the display of image download placeholders" policy setting must be disabled if this policy setting is enabled.
If you disable this policy setting, images appear. The user cannot turn off image display.
If you do not configure this policy setting, the user can turn on or turn off image display.</string>
<string id="ShowPlaceholders">Allow the display of image download placeholders</string>
<string id="ShowPlaceholders_Explain">This policy setting specifies whether placeholders appear for graphical images while the images are downloading. This allows items on the page to be positioned where they will appear when the images are completely downloaded. This option is ignored if the Show Pictures check box is cleared.
If you enable this policy setting, placeholders appear for graphical images while the images are downloading. The user cannot change this policy setting. The "Turn off image display" policy setting must be disabled if this policy setting is enabled.
If you disable this policy setting, placeholders will not appear for graphical images while the images are downloading. The user cannot change this policy setting.
If you do not configure this policy setting, the user can allow or prevent the display of placeholders for graphical images while the images are downloading.</string>
<string id="EnableAlternativeCodec">Allow Internet Explorer to play media files that use alternative codecs</string>
<string id="EnableAlternativeCodec_Explain">This policy setting specifies whether Internet Explorer plays media files that use alternative codecs and that require additional software.
If you enable this policy setting, Internet Explorer plays these files, if the appropriate software is installed.
If you disable this policy setting, Internet Explorer does not play these files.
If you do not configure this policy setting, the user can change the "Enable alternative codecs in HTML5 media elements" setting on the Advanced tab in the Internet Options dialog box.</string>
<string id="SignupSettings">Signup Settings</string>
<string id="SmartImageDithering">Turn off smart image dithering</string>
<string id="SmartImageDithering_Explain">This policy setting specifies whether you want Internet Explorer to smooth images so that they appear less jagged when displayed.
If you enable this policy setting, smart image dithering is turned off. The user cannot turn it on.
If you disable this policy setting, smart image dithering is turned on. The user cannot turn it off.
If you do not configure this policy setting, the user can turn on or turn off smart image dithering.</string>
<string id="SmoothScrolling">Turn off smooth scrolling</string>
<string id="SmoothScrolling_Explain">This policy setting specifies whether smooth scrolling is used to display content at a predefined speed.
If you enable this policy setting, smooth scrolling is turned off. The user cannot turn on smooth scrolling.
If you disable this policy setting, smooth scrolling is turned on. The user cannot turn off smooth scrolling.
If you do not configure this policy setting, the user can turn smooth scrolling on or off.</string>
<string id="SpecificSearchProvider">Restrict search providers to a specific list</string>
<string id="SQM_DisableCEIP">Prevent participation in the Customer Experience Improvement Program</string>
<string id="SUPPORTED_IE4ONLY">Only Internet Explorer 4.0</string>
<string id="SUPPORTED_IE5">At least Internet Explorer 5.0</string>
<string id="SUPPORTED_IE5_6">Only Internet Explorer 5.0 and Internet Explorer 6.0</string>
<string id="SUPPORTED_IE5_7">Only Internet Explorer 5.0 through Internet Explorer 7.0</string>
<string id="SUPPORTED_IE5_8">Only Internet Explorer 5.0 through Internet Explorer 8.0</string>
<string id="SUPPORTED_IE5_9">Only Internet Explorer 5.0 through Internet Explorer 9.0</string>
<string id="SUPPORTED_IE5_NONWIN8">At least Internet Explorer 5.0. Not supported on Windows 8</string>
<string id="SUPPORTED_IE5_NONVISTA">At least Internet Explorer 5.0. Not supported on Windows Vista</string>
<string id="SUPPORTED_IE5ONLY">Only Internet Explorer 5.0</string>
<string id="SUPPORTED_IE6ONLY">Only Internet Explorer 6.0</string>
<string id="SUPPORTED_IE6SP2">At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1</string>
<string id="SUPPORTED_IE6SP2_IE7">Only Internet Explorer 6.0 in Windows XP Service Pack 2 or Windows Server 2003 Service Pack 1 through IE7 inclusive</string>
<string id="SUPPORTED_IE6SP2_IE8">Only Internet Explorer 6.0 in Windows XP Service Pack 2 or Windows Server 2003 Service Pack 1 through IE8 inclusive</string>
<string id="SUPPORTED_IE6SRVSP1">At least Internet Explorer 6.0 in Windows 2003 Service Pack 1</string>
<string id="SUPPORTED_IE6SRVSP1_NONVISTA">At least Internet Explorer 6.0 in Windows 2003 Service Pack 1. Not supported on Windows Vista</string>
<string id="SUPPORTED_IE6SRVSP1ONLY">Only Internet Explorer 6.0 in Windows 2003 Service Pack 1</string>
<string id="SUPPORTED_IE7">At least Internet Explorer 7.0</string>
<string id="SUPPORTED_IE7ONLY">Only Internet Explorer 7.0</string>
<string id="SUPPORTED_IE7_8">Only Internet Explorer 7.0 and Internet Explorer 8.0</string>
<string id="SUPPORTED_IE7_9">Internet Explorer 7.0 to Internet Explorer 9.0</string>
<string id="SUPPORTED_IE7_10">Internet Explorer 7.0 to Internet Explorer 10.0</string>
<string id="SUPPORTED_IE8_10">Internet Explorer 8.0 to Internet Explorer 10.0</string>
<string id="SUPPORTED_IE8">At least Internet Explorer 8.0</string>
<string id="SUPPORTED_IE8ONLY">Only Internet Explorer 8.0</string>
<string id="SUPPORTED_IE9">At least Internet Explorer 9.0</string>
<string id="SUPPORTED_IE10">At least Internet Explorer 10.0</string>
<string id="SUPPORTED_IE10WIN8">At least Internet Explorer 10.0 on Windows 8</string>
<string id="SUPPORTED_IE11">At least Internet Explorer 11.0</string>
<string id="SUPPORTED_IE7_NONVISTA">At least Internet Explorer 7.0. Not supported on Windows Vista</string>
<string id="SUPPORTED_IE7VISTA">At least Internet Explorer 7.0 in Windows Vista</string>
<string id="Survey">Microsoft Survey Control</string>
<string id="TabOpenInFgndBgnd">Prevent configuration of new tab creation</string>
<string id="TextColor_Explain">This policy setting prevents the user from specifying the text color in Internet Explorer.
If you enable this policy setting, the user cannot specify the text color in Internet Explorer. You must specify the text color (for example: 192,192,192).
If you disable or do not configure this policy setting, the user can specify the text color in Internet Explorer.</string>
<string id="TextColorPol">Prevent specifying text color</string>
<string id="ToolbarButtons">Configure Toolbar Buttons</string>
<string id="Toolbars">Toolbars</string>
<string id="Tools_Menu">Tools menu: Disable Internet Options... menu option</string>
<string id="TurnOnActiveXFiltering">Turn on ActiveX Filtering</string>
<string id="UnderlineLinksPol">Turn off configuring underline links</string>
<string id="UnderlineLinksPol_Explain">This policy setting specifies how you want links on webpages to be underlined.
If you enable this policy setting, a user cannot choose when to underline links. You must specify when to underline links:
• Always
• Never
• Hover (when the mouse pointer pauses on a link)
If you disable or do not configure this policy setting, the user can choose when to underline links.</string>
<string id="UpdateCheck">Periodic check for updates to Internet Explorer and Internet Tools</string>
<string id="UpdateIntervalPol">Prevent specifying the update check interval (in days)</string>
<string id="UpdateIntervalPol_Explain">This policy setting prevents the user from specifying the update check interval. The default value is 30 days.
If you enable this policy setting, the user cannot specify the update check interval. You must specify the update check interval.
If you disable or do not configure this policy setting, the user can specify the update check interval.</string>
<string id="UpdatePagePol">Prevent changing the URL for checking updates to Internet Explorer and Internet Tools</string>
<string id="UpdatePagePol_Explain">This policy setting prevents the user from changing the default URL for checking updates to Internet Explorer and Internet Tools.
If you enable this policy setting, the user cannot change the URL that is displayed for checking updates to Internet Explorer and Internet Tools. You must specify this URL.
If you disable or do not configure this policy setting, the user can change the URL that is displayed for checking updates to Internet Explorer and Internet Tools.</string>
<string id="URLFailsPol">Prevent configuration of search on Address bar</string>
<string id="URLFailsPol_Explain">This policy setting specifies whether the user can conduct a search on the Address bar.
If you enable this policy setting, you must specify which of the following actions applies to searches on the Address bar. The user cannot change the specified action.
• Do not search from the Address bar: The user cannot use the Address bar for searches. The user can still perform searches on the Search bar by clicking the Search button.
• Display the results in the main window: When the user searches on the Address bar, the list of search results is displayed in the main window.
If you disable or do not configure this policy setting, the user can specify what action applies to searches on the Address bar.</string>
<string id="UTF8URLQuery_Always">Always encode query strings in UTF-8</string>
<string id="UTF8URLQuery_Intranet">Encode query strings in UTF-8 only in Intranet URLs</string>
<string id="UTF8URLQuery_Never">Never encode query strings in UTF-8</string>
<string id="UTF8URLQuery_NonIntranet">Encode query strings in UTF-8 only in non-Intranet URLs</string>
<string id="TopResult0">Disable top result search</string>
<string id="TopResult1">Enable top result search</string>
<string id="TopResultPol">Prevent configuration of top-result search on Address bar</string>
<string id="TopResultPol_Explain">This policy setting allows you to specify whether a user can browse to the website of a top result when search is enabled on the Address bar. The possible options are:
• Disable top result search: When a user performs a search in the Address bar, a list of search results from the selected search provider is displayed in the main window.
• Enable top result search: When a user performs a search in the Address bar, the user is directed to an external top result website determined by the search provider, if available.
If you enable this policy setting, you can choose where to direct the user after a search on the Address bar: a top-result website or a search-results webpage in the main window.
If you disable or do not configure this policy setting, the user can select their preference for this behavior. Browsing to the top-result website is the default.</string>
<string id="UseHomePage">Go directly to home page</string>
<string id="UseHoverColor">Turn on the hover color option</string>
<string id="UseHoverColor_Explain">This policy setting makes hyperlinks change color when the mouse pointer pauses on them.
If you enable this policy setting, the hover color option is turned on. The user cannot turn it off.
If you disable this policy setting, the hover color option is turned off. The user cannot turn it on.
If you do not configure this policy setting, the user can turn on or turn off the hover color option.</string>
<string id="UserProxy">Make proxy settings per-machine (rather than per-user)</string>
<string id="UseWelcomeIEPage">Go directly to "Welcome To IE" page</string>
<string id="UseWindowsColors">Prevent the use of Windows colors</string>
<string id="UseWindowsColors_Explain">This policy setting prevents the user from using Windows colors as a part of the display settings.
If you enable this policy setting, Windows colors are turned off. The user cannot turn them on.
If you disable this policy setting, Windows colors are turned on. The user cannot turn them off.
If you do not configure this policy setting, the user can turn on or turn off Windows colors for display.</string>
<string id="UTF8">Turn off sending URL path as UTF-8</string>
<string id="UTF8_Explain">This policy setting specifies whether to use 8-bit Unicode Transformation Format (UTF-8), a standard that defines characters so they are readable in any language. By using UTF-8, you can exchange Internet addresses (URLs) that contain characters from any language.
If you enable this policy setting, Internet Explorer does not allow sending the path portion of URLs as UTF-8. The user cannot change this policy setting.
If you disable this policy setting, Internet Explorer allows sending the path portion of URLs as UTF-8. The user cannot change this policy setting.
If you do not configure this policy setting, the user can allow or prevent the sending of the path portion of URLs as UTF-8.</string>
<string id="View_NoTheaterMode">View menu: Disable Full Screen menu option</string>
<string id="View_NoViewSource">View menu: Disable Source menu option</string>
<string id="DisableDeveloperTools">Turn off Developer Tools</string>
<string id="DisableFavoritesBar">Turn off Favorites bar</string>
<string id="DisableTabGrouping">Turn off Tab Grouping</string>
<string id="IESF_DisableDataURI">Turn off Data URI support</string>
<string id="IESF_DisableDEP">Turn off Data Execution Prevention</string>
<string id="IE_ExplainDisableDeveloperTools">This policy setting allows you to manage whether the user can access Developer Tools in Internet Explorer.
If you enable this policy setting, the user cannot access Developer Tools.
If you disable or do not configure this policy setting, the user can access Developer Tools.</string>
<string id="IESF_DisablePasswordRevealButton">Do not display the reveal password button</string>
<string id="IESF_ExplainDisablePasswordRevealButton">This policy setting allows you to hide the reveal password button when Internet Explorer prompts users for a password. The reveal password button is displayed during password entry. When the user clicks the button, the current password value is visible until the mouse button is released (or until the tap ends).
If you enable this policy setting, the reveal password button will be hidden for all password fields. Users and developers will not be able to depend on the reveal password button being displayed in any web form or web application.
If you disable or do not configure this policy setting, the reveal password button can be shown by the application as a user types in a password. The reveal password button is visible by default.
On at least Windows 8, if the "Do not display the reveal password button" policy setting located in Computer Configuration\Administrative Templates\Windows Components\Credential User Interface is enabled for the system, it will override this policy setting.</string>
<string id="IE_ExplainDisableFavoritesBar">This policy setting allows you to manage whether a user has access to the Favorites bar in Internet Explorer.
If you enable this policy setting, the Favorites bar is turned off.
If you disable this policy setting, the Favorites bar is turned on.
If you do not configure this policy setting, the user can turn on or turn off the Favorites bar.</string>
<string id="IE_ExplainDisableTabGrouping">This policy setting allows you to manage whether the user has access to Tab Grouping in Internet Explorer.
If you enable this policy setting, Tab Grouping is turned off.
If you disable this policy setting, Tab Grouping is turned on.
If you do not configure this policy setting, the user can turn on or turn off Tab Grouping.</string>
<string id="IESF_ExplainDisableDEP">This policy setting allows you to turn off the Data Execution Prevention feature for Internet Explorer on Windows Server 2008, Windows Vista with SP1, and Windows XP with SP3.
If you enable this policy setting, Internet Explorer does not turn on Data Execution Prevention on platforms that support the SetProcessDEPPolicy function.
If you disable or do not configure this policy setting, Internet Explorer uses the SetProcessDEPPolicy function to turn on Data Execution Prevention on platforms that support the function.
This policy setting has no effect if Windows has been configured to enable Data Execution Prevention.</string>
<string id="IESF_ExplainDisableDataURI">This policy setting allows you to turn on or turn off Data URI support. A Data URI allows web developers to encapsulate images and .css files within the body of the URL and optionally encode them by using base 64 encoding. Malware filters or other network-based filters may not properly filter encapsulated data.
If you enable this policy setting, Data URI support is turned off. Without Data URI support, a Data URI will be interpreted as a failed URL.
If you disable this policy setting, Data URI support is turned on.
If you do not configure this policy setting, Data URI support can be turned on or off through the registry.</string>
<string id="DBHDisableDeleteCookies">Prevent deleting cookies</string>
<string id="DBHDisableDeleteHistory">Prevent deleting websites that the user has visited</string>
<string id="DBHDisableDeleteDownloadHistory">Prevent deleting download history</string>
<string id="DBHDisableDeleteTIF">Prevent deleting temporary Internet files</string>
<string id="DBHDisableDeleteInPrivateDataV8">Prevent deleting InPrivate Filtering data</string>
<string id="DBHDisableDeleteInPrivateDataV9">Prevent deleting ActiveX Filtering, Tracking Protection, and Do Not Track data</string>
<string id="DBHDisableKeepFavorites">Prevent deleting favorites site data</string>
<string id="DBHDisableDeleteOnExit">Allow deleting browsing history on exit</string>
<string id="DeleteBrowsingHistory">Delete Browsing History</string>
<string id="DisableACRPrompt">Turn off Automatic Crash Recovery</string>
<string id="IESF_MaxConnectionPerServer">Change the maximum number of connections per host (HTTP 1.1)</string>
<string id="IESF_MaxConnectionPer1_0Server">Maximum number of connections per server (HTTP 1.0)</string>
<string id="IESF_DisableXDM">Turn off cross-document messaging</string>
<string id="IESF_DisableXDR">Turn off the XDomainRequest object</string>
<string id="IESF_DisableWebSocket">Turn off the WebSocket Object</string>
<string id="IESF_WebSocketMaxConnectionsPerServer">Set the maximum number of WebSocket connections per server</string>
<string id="IESF_ExplainDisableWebSocket">The WebSocket object allows websites to request data across domains from your browser by using the WebSocket protocol. This policy setting allows administrators to enable or disable the WebSocket object. This policy setting does not prevent client-side communication across domains via other features in Internet Explorer 10. Also, this policy setting does not prevent a site from requesting cross-domain data through a server.
If you enable this policy setting, websites cannot request data across domains by using the WebSocket object.
If you disable or do not configure this policy setting, websites can request data across domains by using the WebSocket object. By default, the WebSocket object is enabled.</string>
<string id="IESF_ExplainWebSocketMaxConnectionsPerServer">This policy setting allows you to change the default limit of WebSocket connections per server. The default limit is 6; you can select a value from 2 through 128.
If you enable this policy setting, Internet Explorer uses the WebSocket connection limit that you set with this policy setting.
If you disable or do not configure this policy setting, Internet Explorer uses the default limit of 6 WebSocket connections per server.</string>
<string id="DisableSafetyFilterOverride">Prevent bypassing SmartScreen Filter warnings</string>
<string id="DisableSafetyFilterOverrideForAppRepUnknown">Prevent bypassing SmartScreen Filter warnings about files that are not commonly downloaded from the Internet</string>
<string id="IE_ExplainDBHDisableDeleteCookies">This policy setting prevents the user from deleting cookies. This feature is available in the Delete Browsing History dialog box.
If you enable this policy setting, cookies are preserved when the user clicks Delete.
If you disable this policy setting, cookies are deleted when the user clicks Delete.
If you do not configure this policy setting, the user can choose whether to delete or preserve cookies when he or she clicks Delete.
If the "Prevent access to Delete Browsing History" policy setting is enabled, this policy setting is enabled by default.</string>
<string id="IE_ExplainDBHDisableDeleteHistory">This policy setting prevents the user from deleting the history of websites that he or she has visited. This feature is available in the Delete Browsing History dialog box.
If you enable this policy setting, websites that the user has visited are preserved when he or she clicks Delete.
If you disable this policy setting, websites that the user has visited are deleted when he or she clicks Delete.
If you do not configure this policy setting, the user can choose whether to delete or preserve visited websites when he or she clicks Delete.
If the "Prevent access to Delete Browsing History" policy setting is enabled, this policy setting is enabled by default.</string>
<string id="IE_ExplainDBHDisableDeleteTIF">This policy setting prevents the user from deleting temporary Internet files. This feature is available in the Delete Browsing History dialog box.
If you enable this policy setting, temporary Internet files are preserved when the user clicks Delete.
If you disable this policy setting, temporary Internet files are deleted when the user clicks Delete.
If you do not configure this policy setting, the user can choose whether to delete or preserve temporary Internet files when he or she clicks Delete.
If the "Prevent access to Delete Browsing History" policy setting is enabled, this policy setting is enabled by default.</string>
<string id="IE_ExplainDBHDisableDeleteInPrivateDataV8">This policy setting prevents the user from deleting InPrivate Filtering data. Internet Explorer collects InPrivate Filtering data during browser sessions other than InPrivate Browsing sessions to determine which third-party items should be blocked when InPrivate Filtering is enabled. This feature is available in the Delete Browsing History dialog box.
If you enable this policy setting, InPrivate Filtering data is preserved when the user clicks Delete.
If you disable this policy setting, InPrivate Filtering data is deleted when the user clicks Delete.
If you do not configure this policy setting, the user can choose whether to delete or preserve InPrivate Filtering data when he or she clicks Delete.</string>
<string id="IE_ExplainDBHDisableDeleteInPrivateDataV9">In Internet Explorer 9 and Internet Explorer 10:
This policy setting prevents users from deleting ActiveX Filtering and Tracking Protection data, which includes the list of websites for which the user has chosen to disable ActiveX Filtering or Tracking Protection. In addition, Tracking Protection data is also collected if users turn on the Personalized Tracking Protection List, which blocks third-party items while the user is browsing.
With at least Internet Explorer 11:
This policy setting prevents users from deleting ActiveX Filtering data, Tracking Protection data, and Do Not Track exceptions stored for visited websites.
This feature is available in the Delete Browsing History dialog box.
If you enable this policy setting, ActiveX Filtering, Tracking Protection and Do Not Track data is preserved when the user clicks Delete.
If you disable this policy setting, ActiveX Filtering, Tracking Protection and Do Not Track data is deleted when the user clicks Delete.
If you don't configure this policy setting, users can turn this feature on and off, determining whether to delete ActiveX Filtering, Tracking Protection, and Do Not Track data when clicking Delete.</string>
<string id="IE_ExplainDBHDisableKeepFavorites">This policy setting prevents the user from deleting favorites site data. This feature is available in the Delete Browsing History dialog box.
If you enable this policy setting, favorites site data is preserved when the user clicks Delete.
If you disable this policy setting, favorites site data is deleted when the user clicks Delete.
If you do not configure this policy setting, the user can choose whether to delete or preserve favorites site data when he or she clicks Delete.
If the "Prevent access to Delete Browsing History" policy setting is enabled, this policy setting has no effect.</string>
<string id="IE_ExplainDBHDisableDeleteDownloadHistory">This policy setting prevents the user from deleting his or her download history. This feature is available in the Delete Browsing History dialog box.
If you enable this policy setting, download history is preserved when the user clicks Delete.
If you disable this policy setting, download history is deleted when the user clicks Delete.
If you do not configure this policy setting, the user can choose whether to delete or preserve download history when he or she clicks Delete.
If the "Prevent access to Delete Browsing History" policy setting is enabled, this policy setting is enabled by default.</string>
<string id="IE_ExplainDBHDisableDeleteOnExit">This policy setting allows the automatic deletion of specified items when the last browser window closes. The preferences selected in the Delete Browsing History dialog box (such as deleting temporary Internet files, cookies, history, form data, and passwords) are applied, and those items are deleted.
If you enable this policy setting, deleting browsing history on exit is turned on.
If you disable this policy setting, deleting browsing history on exit is turned off.
If you do not configure this policy setting, it can be configured on the General tab in Internet Options.
If the "Prevent access to Delete Browsing History" policy setting is enabled, this policy setting has no effect.</string>
<string id="IE_ExplainDisableACRPrompt">This policy setting turns off Automatic Crash Recovery.
If you enable this policy setting, Automatic Crash Recovery does not prompt the user to recover his or her data after a program stops responding.
If you disable or do not configure this policy setting, Automatic Crash Recovery prompts the user to recover his or her data after a program stops responding.</string>
<string id="IESF_ExplainMaxConnectionPerServer">This policy setting allows you to change the default connection limit for HTTP 1.1 from 6 connections per host to a limit of your choice (from 2 through 128).
If you enable this policy setting, Internet Explorer uses the connection limit of your choice for HTTP 1.1.
If you disable or do not configure this policy setting, Internet Explorer uses the default connection limit for HTTP 1.1 (6 connections per host).
In versions of Internet Explorer before Internet Explorer 8, the default connection limit for HTTP 1.1 was 2.</string>
<string id="IESF_ExplainMaxConnectionPer1_0Server">This policy setting allows you to change the default connection limit for HTTP 1.0 from 6 connections per host to a limit of your choice (from 2 through 128).
If you disable or do not configure this policy setting, Internet Explorer will use the default connection limit for HTTP 1.0 (6 connections per host).
In versions of Internet Explorer prior to Internet Explorer 8, the default connection limit for HTTP 1.0 was 4.</string>
<string id="IESF_ExplainDisableXDM">This policy setting allows you to manage whether documents can request data across third-party domains embedded in the page.
If you enable this policy setting, documents cannot request data across third-party domains embedded in the page.
If you disable or do not configure this policy setting, documents can request data across third-party domains embedded in the page.</string>
<string id="IESF_ExplainDisableXDR">This policy setting allows you to choose whether websites can request data across domains by using the XDomainRequest object. Note that this policy setting does not block client-side communication across domains through other features in Internet Explorer 8, and it does not prevent a site from requesting cross-domain data through a server.
If you enable this policy setting, websites cannot request data across domains by using the XDomainRequest object.
If you disable or do not configure this policy setting, websites can request data across domains by using the XDomainRequest object.</string>
<string id="IE_ExplainDisableSafetyFilterOverride">This policy setting determines whether the user can bypass warnings from SmartScreen Filter. SmartScreen Filter prevents the user from browsing to or downloading from sites that are known to host malicious content. SmartScreen Filter also prevents the execution of files that are known to be malicious.
If you enable this policy setting, SmartScreen Filter warnings block the user.
If you disable or do not configure this policy setting, the user can bypass SmartScreen Filter warnings.</string>
<string id="IE_ExplainDisableSafetyFilterOverrideForAppRepUnknown">This policy setting determines whether the user can bypass warnings from SmartScreen Filter. SmartScreen Filter warns the user about executable files that Internet Explorer users do not commonly download from the Internet.
If you enable this policy setting, SmartScreen Filter warnings block the user.
If you disable or do not configure this policy setting, the user can bypass SmartScreen Filter warnings.</string>
<string id="Advanced_EnableCaretBrowsing">Turn on Caret Browsing support</string>
<string id="Advanced_EnableEnhancedProtectedMode">Turn on Enhanced Protected Mode</string>
<string id="Advanced_EnableEnhancedProtectedMode64Bit">Turn on 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows</string>
<string id="Advanced_DisableEPMCompat">Do not allow ActiveX controls to run in Protected Mode when Enhanced Protected Mode is enabled</string>
<string id="Advanced_EnableHttp1_1">Use HTTP 1.1</string>
<string id="Advanced_ProxyHttp1_1">Use HTTP 1.1 through proxy connections</string>
<string id="Advanced_EnableSPDY3_0">Allow Internet Explorer to use the SPDY/3 network protocol</string>
<string id="Advanced_SetWinInetProtocols">Turn off encryption support</string>
<string id="NoPrinting">Turn off Print Menu</string>
<string id="Advanced_DisableFlipAhead">Turn off the flip ahead with page prediction feature</string>
<string id="Advanced_DisablePrefetchPrerender">Turn off loading websites and content in the background to optimize performance</string>
<string id="Advanced_AlwaysSendDoNotTrack">Always send Do Not Track header</string>
<string id="Content_ShowContentAdvisor">Show Content Advisor on Internet Options</string>
<string id="Advanced_ExplainEnableCaretBrowsing">This policy setting allows you to turn Caret Browsing on or off. Caret Browsing allows users to browse to a webpage by using the keyboard to move the cursor. Caret Browsing supports standard text-editor functionality, such as using the Shift key to select text and copying a selection to the clipboard. This policy setting is particularly useful to users who do not use a mouse.
If you enable this policy setting, Caret Browsing is turned on.
If you disable this policy setting, Caret Browsing is turned off.
If you do not configure this policy setting, Caret Browsing support can be turned on or off through the registry.</string>
<string id="Advanced_ExplainEnableEnhancedProtectedMode">Enhanced Protected Mode provides additional protection against malicious websites by using 64-bit processes on 64-bit versions of Windows. For computers running at least Windows 8, Enhanced Protected Mode also limits the locations Internet Explorer can read from in the registry and the file system.
If you enable this policy setting, Enhanced Protected Mode will be turned on. Any zone that has Protected Mode enabled will use Enhanced Protected Mode. Users will not be able to disable Enhanced Protected Mode.
If you disable this policy setting, Enhanced Protected Mode will be turned off. Any zone that has Protected Mode enabled will use the version of Protected Mode introduced in Internet Explorer 7 for Windows Vista.
If you do not configure this policy, users will be able to turn on or turn off Enhanced Protected Mode on the Advanced tab of the Internet Options dialog.</string>
<string id="Advanced_ExplainEnableEnhancedProtectedMode64Bit">This policy setting determines whether Internet Explorer 11 uses 64-bit processes (for greater security) or 32-bit processes (for greater compatibility) when running in Enhanced Protected Mode on 64-bit versions of Windows.
Important: Some ActiveX controls and toolbars may not be available when 64-bit processes are used.
If you enable this policy setting, Internet Explorer 11 will use 64-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows.
If you disable this policy setting, Internet Explorer 11 will use 32-bit tab processes when running in Enhanced Protected Mode on 64-bit versions of Windows.
If you don't configure this policy setting, users can turn this feature on or off using Internet Explorer settings. This feature is turned off by default.</string>
<string id="Advanced_ExplainDisableEPMCompat">This policy setting prevents ActiveX controls from running in Protected Mode when Enhanced Protected Mode is enabled. When a user has an ActiveX control installed that is not compatible with Enhanced Protected Mode and a website attempts to load the control, Internet Explorer notifies the user and gives the option to run the website in regular Protected Mode. This policy setting disables this notification and forces all websites to run in Enhanced Protected Mode.
Enhanced Protected Mode provides additional protection against malicious websites by using 64-bit processes on 64-bit versions of Windows. For computers running at least Windows 8, Enhanced Protected Mode also limits the locations Internet Explorer can read from in the registry and the file system.
When Enhanced Protected Mode is enabled, and a user encounters a website that attempts to load an ActiveX control that is not compatible with Enhanced Protected Mode, Internet Explorer notifies the user and gives the option to disable Enhanced Protected Mode for that particular website.
If you enable this policy setting, Internet Explorer will not give the user the option to disable Enhanced Protected Mode. All Protected Mode websites will run in Enhanced Protected Mode.
If you disable or do not configure this policy setting, Internet Explorer notifies users and provides an option to run websites with incompatible ActiveX controls in regular Protected Mode. This is the default behavior.</string>
<string id="Advanced_ExplainEnableHttp1_1">This policy setting allows you to manage whether Internet Explorer uses HTTP 1.1.
If you enable this policy setting, Internet Explorer uses HTTP 1.1.
If you disable this policy setting, Internet Explorer does not use HTTP 1.1.
If you do not configure this policy setting, users can configure Internet Explorer to use or not use HTTP 1.1.</string>
<string id="Advanced_ExplainProxyHttp1_1">This policy setting allows you to manage whether Internet Explorer uses HTTP 1.1 through proxy connections.
If you enable this policy setting, Internet Explorer uses HTTP 1.1 through proxy connections.
If you disable this policy setting, Internet Explorer does not use HTTP 1.1 through proxy connections.
If you do not configure this policy setting, users can configure Internet Explorer to use or not use HTTP 1.1 through proxy connections.</string>
<string id="Advanced_ExplainEnableSPDY3_0">This policy setting determines whether Internet Explorer uses the SPDY/3 network protocol. SPDY/3 works with HTTP requests to optimize the latency of network requests through compression, multiplexing and prioritization.
If you enable this policy setting, Internet Explorer uses the SPDY/3 network protocol.
If you disable this policy setting, Internet Explorer won't use the SPDY/3 network protocol.
If you don't configure this policy setting, users can turn this behavior on or off, using Internet Explorer Advanced Internet Options settings. The default is on.</string>
<string id="Advanced_ExplainSetWinInetProtocols">This policy setting allows you to turn off support for Transport Layer Security (TLS) 1.0, TLS 1.1, TLS 1.2, Secure Sockets Layer (SSL) 2.0, or SSL 3.0 in the browser. TLS and SSL are protocols that help protect communication between the browser and the target server. When the browser attempts to set up a protected communication with the target server, the browser and server negotiate which protocol and version to use. The browser and server attempt to match each other’s list of supported protocols and versions, and they select the most preferred match.
If you enable this policy setting, the browser negotiates or does not negotiate an encryption tunnel by using the encryption methods that you select from the drop-down list.
If you disable or do not configure this policy setting, the user can select which encryption method the browser supports.
Note: SSL 2.0 is off by default. SSL 2.0 is an outdated security protocol, and enabling SSL 2.0 impairs the performance and functionality of TLS 1.0.</string>
<string id="IE_ExplainNoPrinting">This policy setting allows you to manage whether users can access the Print menu. Starting with Windows 8, this policy setting also allows you to manage whether users can access the Print flyout for Internet Explorer and any printers under the Devices charm.
If you enable this policy setting, the Print menu in Internet Explorer will not be available. Starting with Windows 8, the Print flyout for Internet Explorer will not be available, and users will not see printers under the Devices charm.
If you disable or do not configure this policy setting, the Print menu in Internet Explorer will be available. Starting with Windows 8, the Print flyout for Internet Explorer will be available, and users will see installed printers under the Devices charm.</string>
<string id="Advanced_ExplainDisableFlipAhead">This policy setting determines whether a user can swipe across a screen or click Forward to go to the next pre-loaded page of a website.
Microsoft collects your browsing history to improve how flip ahead with page prediction works. This feature isn't available for Internet Explorer for the desktop.
If you enable this policy setting, flip ahead with page prediction is turned off and the next webpage isn't loaded into the background.
If you disable this policy setting, flip ahead with page prediction is turned on and the next webpage is loaded into the background.
If you don't configure this setting, users can turn this behavior on or off, using the Settings charm.</string>
<string id="Advanced_ExplainDisablePrefetchPrerender">This policy setting determines whether Internet Explorer preemptively loads websites and content in the background, speeding up performance such that when the user clicks a hyperlink, the background page seamlessly switches into view.
If you enable this policy setting, Internet Explorer doesn't load any websites or content in the background.
If you disable this policy setting, Internet Explorer preemptively loads websites and content in the background.
If you don't configure this policy setting, users can turn this behavior on or off, using Internet Explorer settings. This feature is turned on by default</string>
<string id="Advanced_ExplainAlwaysSendDoNotTrack">This policy setting allows you to configure how Internet Explorer sends the Do Not Track (DNT) header.
If you enable this policy setting, Internet Explorer sends a DNT:1 header with all HTTP and HTTPS requests. The DNT:1 header signals to the servers not to track the user.
For Internet Explorer 9 and 10:
If you disable this policy setting, Internet Explorer only sends the Do Not Track header if a Tracking Protection List is enabled or inPrivate Browsing mode is used.
For at least Internet Explorer 11:
If you disable this policy setting, Internet Explorer only sends the Do Not Track header if inPrivate Browsing mode is used.
If you don't configure the policy setting, users can select the Always send Do Not Track header option, in Internet Explorer settings. By selecting this option, Internet Explorer sends a DNT:1 header with all HTTP and HTTPS requests; unless the user grants a site-specific exception. Internet Explorer sends a DNT:0 header to any sites granted an exception. By default, this option is turned on.</string>
<string id="Content_ExplainShowContentAdvisor">This policy setting shows the Content Advisor setting on the Content tab of the Internet Options dialog box.
If you enable this policy setting, Internet Explorer displays the Content Advisor setting on the Content tab of the Internet Options dialog box. Users can change Content Advisor settings.
If you disable or do not configure this policy setting, Internet Explorer does not display the Content Advisor setting on the Content tab of the Internet Options dialog box.</string>
<string id="Protocols_None">Use no secure protocols</string>
<string id="Protocols_SSL2">Only use SSL 2.0</string>
<string id="Protocols_SSL3">Only use SSL 3.0</string>
<string id="Protocols_SSL2_SSL3">Use SSL 2.0 and SSL 3.0</string>
<string id="Protocols_TLS10">Only use TLS 1.0</string>
<string id="Protocols_SSL2_TLS10">Use SSL 2.0 and TLS 1.0</string>
<string id="Protocols_SSL3_TLS10">Use SSL 3.0 and TLS 1.0</string>
<string id="Protocols_SSL2_SSL3_TLS10">Use SSL 2.0, SSL 3.0, and TLS 1.0</string>
<string id="Protocols_TLS11">Only use TLS 1.1</string>
<string id="Protocols_SSL2_TLS11">Use SSL 2.0 and TLS 1.1</string>
<string id="Protocols_SSL3_TLS11">Use SSL 3.0 and TLS 1.1</string>
<string id="Protocols_SSL2_SSL3_TLS11">Use SSL 2.0, SSL 3.0, and TLS 1.1</string>
<string id="Protocols_TLS10_TLS11">Use TLS 1.0 and TLS 1.1</string>
<string id="Protocols_SSL2_TLS10_TLS11">Use SSL 2.0, TLS 1.0, and TLS 1.1</string>
<string id="Protocols_SSL3_TLS10_TLS11">Use SSL 3.0, TLS 1.0, and TLS 1.1</string>
<string id="Protocols_SSL2_SSL3_TLS10_TLS11">Use SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1</string>
<string id="Protocols_TLS12">Only use TLS 1.2</string>
<string id="Protocols_SSL2_TLS12">Use SSL 2.0 and TLS 1.2</string>
<string id="Protocols_SSL3_TLS12">Use SSL 3.0 and TLS 1.2</string>
<string id="Protocols_SSL2_SSL3_TLS12">Use SSL 2.0, SSL 3.0, and TLS 1.2</string>
<string id="Protocols_TLS10_TLS12">Use TLS 1.0 and TLS 1.2</string>
<string id="Protocols_SSL2_TLS10_TLS12">Use SSL 2.0, TLS 1.0, and TLS 1.2</string>
<string id="Protocols_SSL3_TLS10_TLS12">Use SSL 3.0, TLS 1.0, and TLS 1.2</string>
<string id="Protocols_SSL2_SSL3_TLS10_TLS12">Use SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.2</string>
<string id="Protocols_TLS11_TLS12">Use TLS 1.1 and TLS 1.2</string>
<string id="Protocols_SSL2_TLS11_TLS12">Use SSL 2.0, TLS 1.1, and TLS 1.2</string>
<string id="Protocols_SSL3_TLS11_TLS12">Use SSL 3.0, TLS 1.1, and TLS 1.2</string>
<string id="Protocols_SSL2_SSL3_TLS11_TLS12">Use SSL 2.0, SSL 3.0, TLS 1.1, and TLS 1.2</string>
<string id="Protocols_TLS10_TLS11_TLS12">Use TLS 1.0, TLS 1.1, and TLS 1.2</string>
<string id="Protocols_SSL2_TLS10_TLS11_TLS12">Use SSL 2.0, TLS 1.0, TLS 1.1, and TLS 1.2</string>
<string id="Protocols_SSL3_TLS10_TLS11_TLS12">Use SSL 3.0, TLS 1.0, TLS 1.1, and TLS 1.2</string>
<string id="Protocols_SSL2_SSL3_TLS10_TLS11_TLS12">Use SSL 2.0, SSL 3.0, TLS 1.0, TLS 1.1, and TLS 1.2</string>
<string id="LockToolbars">Lock all toolbars</string>
<string id="MoveStopRefresh">Lock location of Stop and Refresh buttons</string>
<string id="NewTab_AboutBlank">about:blank</string>
<string id="NewTab_AboutTabs">New tab page</string>
<string id="NewTab_Homepage">Home page</string>
<string id="NewTabAction">Specify default behavior for a new tab</string>
<string id="SecondaryHomePages">Disable changing secondary home page settings</string>
<string id="SetCommandLabels">Customize command labels</string>
<string id="TabProcGrowth">Set tab process growth</string>
<string id="FastShutdownOnUnload">Allow Internet Explorer 8 shutdown behavior</string>
<string id="UseLargeIcons">Use large icons for command buttons</string>
<string id="MoveTabBand">Display tabs on a separate row</string>
<string id="CommandLabels_Icons">Show only icons</string>
<string id="CommandLabels_Selective">Show selective text</string>
<string id="CommandLabels_Text">Show all text labels</string>
<string id="HideCommandBar">Hide the Command bar</string>
<string id="HideStatusBar">Hide the status bar</string>
<string id="IE_ExplainHideCommandBar">This policy setting allows you to show or hide the Command bar.
If you enable this policy setting, the Command bar is hidden and the user cannot choose to show it.
If you disable this policy setting, the Command bar is shown and the user cannot choose to hide it.
If you do not configure this policy setting, the Command bar is shown by default, and the user can choose to hide it.</string>
<string id="IE_ExplainHideStatusBar">This policy setting allows you to show or hide the status bar.
If you enable this policy setting, the status bar is hidden and the user cannot choose to show it.
If you disable this policy setting, the status bar is shown and the user cannot choose to hide it.
If you do not configure this policy setting, the status bar is shown by default, and the user can choose to hide it.</string>
<string id="IE_ExplainLockToolbars">This policy setting allows you to lock or unlock the toolbars on the user interface.
If you enable this policy setting, the toolbars are locked and the user cannot move them.
If you disable this policy setting, the toolbars are unlocked and the user can move them.
If you do not configure this policy setting, the toolbars are locked by default, but the user can unlock them through the shortcut menu of the Command bar.</string>
<string id="IE_ExplainMoveStopRefresh">This policy setting allows you to lock the Stop and Refresh buttons next to the Back and Forward buttons.
If you enable this policy setting, the Stop and Refresh buttons are next to the Forward and Back buttons, and the user cannot move them.
If you disable this policy setting, the Stop and Refresh buttons are next to the Address bar, and the user cannot move them.
If you do not configure this policy setting, the Stop and Refresh buttons are next to the Address bar by default, and the user can choose to move them.</string>
<string id="IE_ExplainNewTabAction">This policy setting allows you to specify what is displayed when the user opens a new tab.
If you enable this policy setting, you can choose which page to display when the user opens a new tab: blank page (about:blank), the first home page, or the new tab page.
If you disable or do not configure this policy setting, the user can select his or her preference for this behavior. The new tab page is the default setting.</string>
<string id="IE_ExplainSecondaryHomePages">Secondary home pages are the default Web pages that Internet Explorer loads in separate tabs from the home page whenever the browser is run. This policy setting allows you to set default secondary home pages.
If you enable this policy setting, you can specify which default home pages should load as secondary home pages. The user cannot set custom default secondary home pages.
If you disable or do not configure this policy setting, the user can add secondary home pages.
Note: If the “Disable Changing Home Page Settings” policy is enabled, the user cannot add secondary home pages.</string>
<string id="IE_ExplainSetCommandLabels">This policy setting allows you to choose among three different labels for command buttons: show all text labels, show selective text, or show only icons.
If you enable this policy setting, command buttons are displayed according to which one of the following options you choose, and the user cannot change how command buttons are displayed:
Show all text labels: All command buttons have only text.
Show selective text: Some command buttons have only text; some have icons and text.
Show only icons: All command buttons have only icons.
If you disable or do not configure this policy setting, the command buttons show selective text by default, and the user can change this.</string>
<string id="IE_ExplainTabProcGrowth">This policy setting allows you to set the rate at which Internet Explorer creates new tab processes. There are two algorithms that Internet Explorer uses.
The default algorithm has four settings: low, medium, high, or default. Low creates very few tab processes; medium creates a moderate amount of tab processes; and high allows the tab process to grow very quickly and is intended only for computers that have ample physical memory. The default setting creates the optimal number of tab processes based on the operating system and amount of physical memory. We recommend the default setting.
The second algorithm must be explicitly enabled through the creation of an integer setting. In this case, each Internet Explorer isolation setting will quickly grow to use the specified integer number of tab processes, regardless of the physical memory on the computer or how many Internet Explorer isolation settings are running.
If you enable this policy setting, you set the rate at which Internet Explorer creates new tab processes to low, medium, or high, or to an integer.
If you disable or do not configure this policy setting, the tab process growth is set to the default. The user can change this value by using the registry key. Note: On Terminal Server, the default value is the integer “1”.</string>
<string id="IE_ExplainFastShutdownOnUnload">This policy setting allows you to revert to the Internet Explorer 8 behavior of allowing OnUnLoad script handlers to display UI during shutdown. This policy setting may be needed to fix compatibility problems with particular web applications.
If you enable this policy setting, OnUnLoad script handlers display UI during shutdown.
If you disable or do not configure this policy setting, OnUnLoad script handlers do not display UI during shutdown (default behavior in Internet Explorer 9).</string>
<string id="IE_ExplainUseLargeIcons">This policy setting allows you increase the size of icons for command buttons.
If you enable this policy setting, icons for command buttons are 20 x 20 pixels and cannot be made smaller (16 x 16 pixels).
If you disable this policy setting, icons for command buttons are 16 x 16 pixels (the default) and cannot be made bigger (20 x 20 pixels).
If you do not configure this policy setting, icons for command buttons are 16 x 16 pixels, and the user can make them bigger (20 x 20 pixels).</string>
<string id="IE_ExplainMoveTabBand">This policy setting allows you to manage where tabs are displayed.
If you enable this policy setting, tabs are displayed on a separate row.
If you disable this policy setting, tabs are not displayed on a separate row.
If you do not configure this policy setting, the user can change where tabs are displayed.</string>
<string id="SearchDisableUserSuggestions">Turn off suggestions for all user-installed providers</string>
<string id="SearchTurnOffQuickPick">Turn off the quick pick menu</string>
<string id="IE_ExplainSearchDisableUserSuggestions">This policy setting allows you to turn off suggestions for all user-installed search providers.
If you enable this policy setting, the user cannot view suggestions for user-installed search providers.
If you disable or do not configure this policy setting, the user can choose to view suggestions for all user-installed search providers that offer suggestions.</string>
<string id="IE_ExplainSearchTurnOffQuickPick">This policy setting allows you to prevent the quick pick menu from appearing when a user clicks in the Search box.
If you enable this policy setting, when a user clicks in the Search box, the quick pick menu does not appear until the user starts typing.
If you disable or do not configure this policy setting, when a user clicks in the Search box, the quick pick menu appears.</string>
<string id="DisableActiveXFirstPrompt">Turn off ActiveX Opt-In prompt</string>
<string id="DisablePerUserActiveXInstall">Prevent per-user installation of ActiveX controls</string>
<string id="OnlyUseAXISForActiveXInstall">Specify use of ActiveX Installer Service for installation of ActiveX controls</string>
<string id="EnableSuggestedSites">Turn on Suggested Sites</string>
<string id="IE_ExplainDisableActiveXFirstPrompt">This policy setting allows you to turn off the ActiveX Opt-In prompt. ActiveX Opt-In prevents websites from loading any ActiveX control without prior approval. If a website attempts to load an ActiveX control that Internet Explorer has not used before, a Notification bar will appear, asking the user for approval.
If you enable this policy setting, the ActiveX Opt-In prompt does not appear. Internet Explorer does not ask the user for permission to load an ActiveX control, and Internet Explorer loads the control if it passes all other internal security checks.
If you disable or do not configure this policy setting, the ActiveX Opt-In prompt appears.</string>
<string id="IE_ExplainDisablePerUserActiveXInstall">This policy setting allows you to prevent the installation of ActiveX controls on a per-user basis.
If you enable this policy setting, ActiveX controls cannot be installed on a per-user basis.
If you disable or do not configure this policy setting, ActiveX controls can be installed on a per-user basis.</string>
<string id="IE_ExplainOnlyUseAXISForActiveXInstall">This policy setting allows you to specify how ActiveX controls are installed.
If you enable this policy setting, ActiveX controls are installed only if the ActiveX Installer Service is present and has been configured to allow the installation of ActiveX controls.
If you disable or do not configure this policy setting, ActiveX controls, including per-user controls, are installed through the standard installation process.</string>
<string id="IE_ExplainEnableSuggestedSites">This policy setting controls the Suggested Sites feature, which recommends websites based on the user’s browsing activity. Suggested Sites reports a user’s browsing history to Microsoft to suggest sites that the user might want to visit.
If you enable this policy setting, the user is not prompted to enable Suggested Sites. The user’s browsing history is sent to Microsoft to produce suggestions.
If you disable this policy setting, the entry points and functionality associated with this feature are turned off.
If you do not configure this policy setting, the user can turn on and turn off the Suggested Sites feature.</string>
<string id="CategoryPrivacy">Privacy</string>
<string id="DisableInPrivateBrowsing">Turn off InPrivate Browsing</string>
<string id="IE_ExplainDisableInPrivateBrowsing">This policy setting allows you to turn off the InPrivate Browsing feature.
InPrivate Browsing prevents Internet Explorer from storing data about a user's browsing session. This includes cookies, temporary Internet files, history, and other data.
If you enable this policy setting, InPrivate Browsing is turned off.
If you disable this policy setting, InPrivate Browsing is available for use.
If you do not configure this policy setting, InPrivate Browsing can be turned on or off through the registry.</string>
<string id="DisableInPrivateToolbars">Prevent the computer from loading toolbars and Browser Helper Objects when InPrivate Browsing starts</string>
<string id="IE_ExplainDisableInPrivateToolbars">This policy setting allows you to choose whether or not toolbars and Browser Helper Objects (BHOs) are loaded by default during an InPrivate Browsing session.
Toolbars and BHOs may store data about a user's browsing session. By default, the computer does not load them when InPrivate Browsing starts.
If you enable this policy setting, toolbars and BHOs are not loaded by default during an InPrivate Browsing session.
If you disable this policy setting, toolbars and BHOs are loaded by default during an InPrivate Browsing session.
If you do not configure this policy setting, it can be configured on the Privacy tab in Internet Options.</string>
<string id="DisableInPrivateLogging">Turn off collection of InPrivate Filtering data</string>
<string id="IE_ExplainDisableInPrivateLogging">This policy setting allows you to turn off the collection of data used by the InPrivate Filtering Automatic mode.
The data consists of the URLs of third-party content, along with data about the first-party websites that referenced it. It is collected during non-InPrivate (normal) browsing sessions.
If you enable this policy setting, InPrivate Filtering data collection is turned off.
If you disable this policy setting, InPrivate Filtering collection is turned on.
If you do not configure this policy setting, InPrivate Filtering data collection can be turned on or off on the Privacy tab in Internet Options.</string>
<string id="InPrivateBlockingThresholdV8">Establish InPrivate Filtering threshold</string>
<string id="IE_ExplainInPrivateBlockingThresholdV8">This policy setting allows you to establish the threshold for InPrivate Filtering Automatic mode.
The threshold sets the number of first-party sites that a particular third-party item can be referenced from before it is blocked. Setting this value lower can help prevent more third-party sites from obtaining details about a user's browsing. However, doing so may cause compatibility issues on some websites. The allowed value range is 3 through 30.
If you enable this policy setting, the selected value is enforced.
If you disable or do not configure this policy setting, the user can establish the InPrivate Filtering threshold by clicking the Safety button and then clicking InPrivate Filtering.</string>
<string id="InPrivateBlockingThresholdV9">Establish Tracking Protection threshold</string>
<string id="IE_ExplainInPrivateBlockingThresholdV9">This policy setting allows you to establish the threshold for Tracking Protection Automatic mode.
The threshold sets the number of first-party sites that a particular third-party item can be referenced from before it is blocked. Setting this value lower can help prevent more third-party sites from obtaining details about a user's browsing. However, doing so may cause compatibility issues on some websites. The allowed value range is 3 through 30.
If you enable this policy setting, the selected value is enforced.
If you disable or do not configure this policy setting, the user can establish the Tracking Protection threshold by clicking the Safety button and then clicking Tracking Protection.</string>
<string id="DisableInPrivateBlockingV8">Turn off InPrivate Filtering</string>
<string id="IE_ExplainDisableInPrivateBlockingV8">This policy setting allows you to turn off InPrivate Filtering.
InPrivate Filtering helps users control whether third parties can automatically collect information about their browsing based on the sites that they visit. InPrivate Filtering does this by identifying third-party content that is used by multiple websites that users have visited.
If you enable this policy setting, InPrivate Filtering is turned off in all browsing sessions, and InPrivate Filtering data is not collected.
If you disable this policy setting, InPrivate Filtering is available for use.
If you do not configure this policy setting, it can be configured through the registry.</string>
<string id="DisableInPrivateBlockingV9">Turn off Tracking Protection</string>
<string id="IE_ExplainDisableInPrivateBlockingV9">This policy setting allows you to turn off Tracking Protection.
Tracking Protection helps users control whether third parties can automatically collect information about their browsing based on the sites that they visit. Tracking Protection does this by identifying third-party content that is used by multiple websites that users have visited.
If you enable this policy setting, Tracking Protection is disabled in all browsing sessions, and Tracking Protection data is not collected.
If you disable this policy setting, Tracking Protection is available for use.
If you do not configure this policy setting, it can be configured through the registry.</string>
<string id="CategoryAccelerators">Accelerators</string>
<string id="DeployAccelerators">Add non-default Accelerators</string>
<string id="DeployDefaultAccelerators">Add default Accelerators</string>
<string id="IE_ExplainDeployAccelerators">This policy setting allows you to add non-default Accelerators.
If you enable this policy setting, the specified Accelerators are added to the user's browser. The user can append other Accelerators to this list, but the user cannot remove or change the Accelerators that this policy setting has added. Default and non-default Accelerators should not overlap.
If you disable or do not configure this policy setting, the user has Accelerators that are provided through first use of the browser.</string>
<string id="IE_ExplainDeployDefaultAccelerators">This policy setting allows you to add default Accelerators.
If you enable this policy setting, the specified Accelerators are added to the user's browser. The user can append other Accelerators to this list, but the user cannot remove or change the Accelerators that this policy setting has added. Default and non-default Accelerators should not overlap.
If you disable or do not configure this policy setting, the user has Accelerators that are provided through first use of the browser.</string>
<string id="IE_ExplainTurnOffAccelerators">This policy setting allows you to manage whether users can access Accelerators.
If you enable this policy setting, users cannot access Accelerators.
If you disable or do not configure this policy setting, users can access Accelerators and install new Accelerators.</string>
<string id="IE_ExplainUsePolicyAccelerators">This policy setting restricts the list of Accelerators that the user can access to only the set deployed through Group Policy.
If you enable this policy setting, the user can access only Accelerators that are deployed through Group Policy. The user cannot add or delete Accelerators.
If you disable or do not configure this policy setting, the user can access any Accelerators that he or she has installed.</string>
<string id="TurnOffAccelerators">Turn off Accelerators</string>
<string id="UsePolicyAccelerators">Restrict Accelerators to those deployed through Group Policy</string>
<string id="CategoryCompatView">Compatibility View</string>
<string id="CompatView_AllSites">Turn on Internet Explorer 7 Standards Mode</string>
<string id="CompatView_DisableList">Turn off Compatibility View</string>
<string id="CompatView_IntranetSites">Turn on Internet Explorer Standards Mode for local intranet</string>
<string id="CompatView_ShowButton">Turn off Compatibility View button</string>
<string id="CompatView_UsePolicyList">Use Policy List of Internet Explorer 7 sites</string>
<string id="CompatView_UseQuirksPolicyList">Use Policy List of Quirks Mode sites</string>
<string id="CompatView_UseMSList">Include updated website lists from Microsoft</string>
<string id="IE_ExplainCompatView_AllSites">This policy setting allows you to turn on Internet Explorer 7 Standards Mode. Compatibility View determines how Internet Explorer identifies itself to a web server and determines whether content is rendered in Internet Explorer 7 Standards Mode or the Standards Mode available in the latest version of Internet Explorer.
If you enable this policy setting, Internet Explorer uses an Internet Explorer 7 user agent string (with an additional string appended). Additionally, all Standards Mode webpages appear in Internet Explorer 7 Standards Mode. This option results in the greatest compatibility with existing webpages, but newer content written to common Internet standards may be displayed incorrectly.
If you disable this policy setting, Internet Explorer uses a current user agent string. Additionally, all Standards Mode webpages appear in the Standards Mode available in the latest version of Internet Explorer. This option matches the default behavior of Internet Explorer.
If you do not configure this policy setting, the user can turn on and turn off Internet Explorer 7 Standards Mode.</string>
<string id="IE_ExplainCompatView_DisableList">This policy setting controls the Compatibility View feature, which allows the user to fix website display problems that he or she may encounter while browsing.
If you enable this policy setting, the user cannot use the Compatibility View button or manage the Compatibility View sites list.
If you disable or do not configure this policy setting, the user can use the Compatibility View button and manage the Compatibility View sites list.</string>
<string id="IE_ExplainCompatView_IntranetSites">This policy setting controls how Internet Explorer displays local intranet content. Intranet content is defined as any webpage that belongs to the local intranet security zone.
If you enable this policy setting, Internet Explorer uses the current user agent string for local intranet content. Additionally, all local intranet Standards Mode pages appear in the Standards Mode available with the latest version of Internet Explorer. The user cannot change this behavior through the Compatibility View Settings dialog box.
If you disable this policy setting, Internet Explorer uses an Internet Explorer 7 user agent string (with an additional string appended) for local intranet content. Additionally, all local intranet Standards Mode pages appear in Internet Explorer 7 Standards Mode. The user cannot change this behavior through the Compatibility View Settings dialog box.
If you do not configure this policy setting, Internet Explorer uses an Internet Explorer 7 user agent string (with an additional string appended) for local intranet content. Additionally, all local intranet Standards Mode pages appear in Internet Explorer 7 Standards Mode. This option results in the greatest compatibility with existing webpages, but newer content written to common Internet standards may be displayed incorrectly. This option matches the default behavior of Internet Explorer.</string>
<string id="IE_ExplainCompatView_ShowButton">This policy setting controls the Compatibility View button that appears on the Command bar. This button allows the user to fix website display problems that he or she may encounter while browsing.
If you enable this policy setting, the user cannot use the Compatibility View button.
If you disable or do not configure this policy setting, the user can use the Compatibility View button.</string>
<string id="IE_ExplainCompatView_UsePolicyList">This policy setting allows you to add specific sites that must be viewed in Internet Explorer 7 Compatibility View.
If you enable this policy setting, the user can add and remove sites from the list, but the user cannot remove the entries that you specify.
If you disable or do not configure this policy setting, the user can add and remove sites from the list.</string>
<string id="IE_ExplainCompatView_UseQuirksPolicyList">Compatibility View determines how Internet Explorer identifies itself to a web server and determines whether content is rendered in Quirks Mode or the Standards Mode available in the latest version of Internet Explorer.
If you enable this policy setting, Internet Explorer uses an Internet Explorer 7 user agent string (with an additional string appended). Additionally, webpages included in this list appear in Quirks Mode.</string>
<string id="IZ_PolicyWarnCertMismatch">Turn on certificate address mismatch warning</string>
<string id="IZ_ExplainPolicyWarnCertMismatch">This policy setting allows you to turn on the certificate address mismatch security warning. When this policy setting is turned on, the user is warned when visiting Secure HTTP (HTTPS) websites that present certificates issued for a different website address. This warning helps prevent spoofing attacks.
If you enable this policy setting, the certificate address mismatch warning always appears.
If you disable or do not configure this policy setting, the user can choose whether the certificate address mismatch warning appears (by using the Advanced page in the Internet Control panel).</string>
<string id="IE_ExplainCompatView_UseMSList">This policy controls the website compatibility lists that Microsoft provides. The updated website lists are available on Windows Update.
If you enable this policy setting, the Microsoft-provided website lists are used during browser navigation. If a user visits a site on the compatibility lists, the pages are automatically displayed in Compatibility View.
If you disable this policy setting, the Microsoft-provided website lists are not used. Additionally, the user cannot activate the feature by using the Compatibility View Settings dialog box.
If you do not configure this policy setting, the Microsoft-provided website lists are not active. The user can activate the feature by using the Compatibility View Settings dialog box.</string>
<string id="DisableReopenLastBrowsingSession">Turn off Reopen Last Browsing Session</string>
<string id="IE_ExplainDisableReopenLastBrowsingSession">This policy setting allows you to manage whether a user has access to the Reopen Last Browsing Session feature in Internet Explorer.
If you enable this policy setting, the user cannot use the Reopen Last Browsing Session feature.
If you disable or do not configure this policy setting, the user can use the Reopen Last Browsing Session feature.</string>
<string id="TurnOffPinnedSites">Turn off ability to pin sites in Internet Explorer on the desktop</string>
<string id="IE_ExplainTurnOffPinnedSites">This policy setting allows you to manage whether users can pin sites to locations where pinning is allowed, such as the taskbar, the desktop, or File Explorer.
If you enable this policy setting, users cannot pin sites.
If you disable or do not configure this policy setting, users can pin sites.</string>
<string id="CategoryGeneralPage">General Page</string>
<string id="CategoryBrowsingHistory">Browsing History</string>
<string id="DefaultDomainCacheLimitInMB">Set default storage limits for websites</string>
<string id="IE_ExplainDefaultDomainCacheLimitInMB">This policy setting sets data storage limits for indexed database and application caches for individual websites. When you set this policy setting, you provide the cache limit, in MB.
If you enable this policy setting, Internet Explorer displays a notification when a website exceeds the configured storage limit.
If you disable or do not configure this policy setting, users can set default data storage limits for indexed databases and application caches.</string>
<string id="IndexedDB_AllowWebsiteDatabases">Allow websites to store indexed databases on client computers</string>
<string id="IE_ExplainIndexedDB_AllowWebsiteDatabases">This policy setting allows websites to store indexed database cache information on client computers.
If you enable this policy setting, websites will be able to store an indexed database on client computers. Allow website database and caches on Website Data Settings will be unavailable to users.
If you disable this policy setting, websites will not be able to store an indexed database on client computers. Allow website database and caches on Website Data Settings will be unavailable to users.
If you do not configure this policy setting, websites will be able to store an indexed database on client computers. Allow website database and caches on Website Data Settings will be available to users. Users can choose whether or not to allow websites to store data on their computers.</string>
<string id="IndexedDB_MaxTrustedDomainLimitInMB">Set indexed database storage limits for individual domains</string>
<string id="IE_ExplainIndexedDB_MaxTrustedDomainLimitInMB">This policy setting sets data storage limits for indexed databases of websites that have been allowed to exceed their storage limit. The “Set default storage limits for websites” policy setting sets the data storage limits for indexed databases. If a domain exceeds the indexed database storage limit for an individual domain, Internet Explorer sends an error to the website. No notification is sent to the user. This group policy sets the maximum data storage limit for domains that are trusted by users. When you set this policy setting, you provide the cache limit, in MB. The default is 500 MB.
If you enable this policy setting, Internet Explorer will allow trusted domains to store additional data in indexed databases, up to the limit set in this group policy.
If you disable or do not configure this policy setting, Internet Explorer will use the default maximum storage limit for all indexed databases. The default is 500 MB.</string>
<string id="IndexedDB_TotalLimitInMB">Set maximum indexed database storage limit for all domains</string>
<string id="IE_ExplainIndexedDB_TotalLimitInMB">This policy setting sets the data storage limit for all combined indexed databases for a user. When you set this policy setting, you provide the storage limit in MB. When the limit is reached, Internet Explorer notifies the user, and the user must delete indexed databases before an updated database can be saved on their computer. The default maximum storage limit for all indexed databases is 4 GB.
If you enable this policy setting, you can set the maximum storage limit for all indexed databases. The default is 4 GB.
If you disable or do not configure this policy setting, Internet Explorer will use the default maximum storage limit for all indexed databases. The default is 4 GB.</string>
<string id="AppCache_AllowWebsiteCaches">Allow websites to store application caches on client computers</string>
<string id="IE_ExplainAppCache_AllowWebsiteCaches">This policy setting allows websites to store file resources in application caches on client computers.
If you enable this policy setting, websites will be able to store application caches on client computers. Allow website database and caches on Website Data Settings will be unavailable to users.
If you disable this policy setting, websites will not be able to store application caches on client computers. Allow website database and caches on Website Data Settings will be unavailable to users.
If you do not configure this policy setting, websites will be able to store application caches on client computers. Allow website database and caches on Website Data Settings will be available to users. Users can choose whether or not to allow websites to store data on their computers.</string>
<string id="AppCache_MaxTrustedDomainLimitInMB">Set application cache storage limits for individual domains</string>
<string id="IE_ExplainAppCache_MaxTrustedDomainLimitInMB">This policy setting sets file storage limits for application caches of websites that have been allowed to exceed their storage limit. The “Set default storage limits for websites” policy setting sets the data storage limits for application caches. If a domain exceeds the application cache storage limit for an individual domain, Internet Explorer sends an error to the website. No notification will be displayed to the user. This group policy sets the maximum file storage limit for domains that are trusted by users. When you set this policy setting, you provide the cache limit, in MB. The default is 50 MB.
If you enable this policy setting, Internet Explorer will allow trusted domains to store additional files in application caches, up to the limit set in this policy setting.
If you disable or do not configure this policy setting, Internet Explorer will use the default maximum storage limit for all application caches. The default is 50 MB.</string>
<string id="AppCache_TotalLimitInMB">Set maximum application caches storage limit for all domains</string>
<string id="IE_ExplainAppCache_TotalLimitInMB">This policy setting sets the file storage limit for all combined application caches for a user. When you set this policy setting, you provide the storage limit in MB. When the limit is reached, Internet Explorer notifies the user, and the user must delete application caches before an updated one can be saved on their computer. The default maximum storage limit for all application caches is 1 GB.
If you enable this policy setting, you can set the maximum storage limit for all application caches. The default is 1 GB.
If you disable or do not configure this policy setting, Internet Explorer will use the default maximum storage limit for all application caches. The default is 1 GB.</string>
<string id="AppCache_GarbageCollectionThresholdInDays">Set application caches expiration time limit for individual domains</string>
<string id="IE_ExplainAppCache_GarbageCollectionThresholdInDays">This policy setting sets the number of days an inactive application cache will exist before it is removed. If the application cache is used before the expiration time limit, it will not be automatically removed. When you set this policy setting, you provide the expiration time limit in days.
If you enable this policy setting, Internet Explorer will remove application caches that haven't been used within the timeframe set in this policy setting.
If you disable or do not configure this policy setting, Internet Explorer will use the default application cache expiration time limit for all application caches. The default is 30 days.</string>
<string id="AppCache_ManifestResourceQuota">Set maximum application cache resource list size</string>
<string id="IE_ExplainAppCache_ManifestResourceQuota">This policy setting sets the maximum number of resource entries that can be specified in a manifest file associated with an application cache. If the manifest associated with an application cache exceeds the number of resources allowed, including the page that referenced the manifest, Internet Explorer sends an error to the website. No notification will be displayed to the user. When you set this policy setting, you provide the resource limit as a number. The default is 1000 resources.
If you enable this policy setting, Internet Explorer will allow the creation of application caches whose manifest file contains the number of resources, including the page that referenced the manifest, that are less than or equal to the limit set in this policy setting.
If you disable or do not configure this policy setting, Internet Explorer will use the default maximum application cache resource list size for all application caches. The default is 1000 resources.</string>
<string id="AppCache_ManifestSingleResourceQuotaInMB">Set maximum application cache individual resource size</string>
<string id="IE_ExplainAppCache_ManifestSingleResourceQuotaInMB">This policy setting sets the maximum size for an individual resource file contained in a manifest file. The manifest file is used to create the application cache. If any file in the manifest exceeds the allowed size, Internet Explorer sends an error to the website. No notification will be displayed to the user. When you set this policy setting, you provide the resource size limit, in MB. The default is 50 MB.
If you enable this policy setting, Internet Explorer will allow the creation of application caches whose individual manifest file entries are less than or equal to the size set in this policy setting.
If you disable or do not configure this policy setting, Internet Explorer will use the default application cache individual resource size for all application caches resources. The default is 50 MB.</string>
<string id="ContinuousBrowsing">Start Internet Explorer with tabs from last browsing session</string>
<string id="IE_ExplainContinuousBrowsing">This policy setting configures what Internet Explorer displays when a new browsing session is started. By default, Internet Explorer displays the home page. In Internet Explorer 10, Internet Explorer can start a new browsing session with the tabs from the last browsing session.
If you enable this policy setting, Internet Explorer starts a new browsing session with the tabs from the last browsing session. Users cannot change this option to start with the home page.
If you disable this policy setting, Internet Explorer starts a new browsing session with the home page. Users cannot change this option to start with the tabs from the last browsing session.
If you do not configure this policy setting, Internet Explorer starts with the home page. Users can change this option to start with the tabs from the last session.</string>
<string id="DefaultTilesView">Open Internet Explorer tiles on the desktop</string>
<string id="IE_ExplainDefaultTilesView">This policy setting configures Internet Explorer to open Internet Explorer tiles on the desktop.
If you enable this policy setting, Internet Explorer opens tiles only on the desktop.
If you disable this policy setting, Internet Explorer does not open tiles on the desktop.
If you do not configure this policy, users can choose how Internet Explorer tiles are opened.</string>
<string id="DefaultLinksView">Set how links are opened in Internet Explorer</string>
<string id="IE_ExplainDefaultLinksView">This policy setting allows you to choose how links are opened in Internet Explorer: Let Internet Explorer decide, always in Internet Explorer, or always in Internet Explorer on the desktop.
If you enable this policy setting, Internet Explorer enforces your choice. Users cannot change the setting.
If you disable or do not configure this policy setting, users can choose how links are opened in Internet Explorer.</string>
<string id="DefaultView_Desktop">Always in Internet Explorer on the desktop</string>
<string id="DefaultView_Immersive">Always in Internet Explorer</string>
<string id="DefaultView_Contextual">Let Internet Explorer decide</string>
<string id="EnableAutoUpgrade">Install new versions of Internet Explorer automatically</string>
<string id="IE_ExplainEnableAutoUpgrade">This policy setting configures Internet Explorer to automatically install new versions of Internet Explorer when they are available.
If you enable this policy setting, automatic upgrade of Internet Explorer will be turned on.
If you disable this policy setting, automatic upgrade of Internet Explorer will be turned off.
If you do not configure this policy, users can turn on or turn off automatic updates from the About Internet Explorer dialog.</string>
<string id="TurnOffFormatDetectionPhone">Turn off phone number detection</string>
<string id="TurnOffFormatDetectionPhone_Explain">This policy setting determines whether phone numbers are recognized and turned into hyperlinks, which can be used to invoke the default phone application on the system.
If you enable this policy setting, phone number detection is turned off. Users won't be able to modify this setting.
If you disable this policy setting, phone number detection is turned on. Users won't be able to modify this setting.
If you don't configure this policy setting, users can turn this behavior on or off, using Internet Explorer settings. The default is on.</string>
</stringTable>
<presentationTable>
<presentation id="AddonManagement_AddOnList_1">
<listBox refId="AddOnList">Add-on List</listBox>
</presentation>
<presentation id="AnchorColorHoverPol">
<textBox refId="AnchorColorHover">
<label>Hover color</label>
<defaultValue>255,0,0</defaultValue>
</textBox>
</presentation>
<presentation id="Audio_Video_Player">
<checkBox refId="ActiveMovie_Control">ActiveMovie Control</checkBox>
<checkBox refId="Media_Control">Media Control</checkBox>
</presentation>
<presentation id="BackgroundColorPol">
<textBox refId="BackgroundColor">
<label>Background color</label>
<defaultValue>192,192,192</defaultValue>
</textBox>
</presentation>
<presentation id="Carpoint">
<checkBox refId="CarPoint_AutoPricer_Control">CarPoint AutoPricer Control</checkBox>
</presentation>
<presentation id="CodeDownloadPol">
<textBox refId="Path">
<label>Path</label>
<defaultValue>CODEBASE</defaultValue>
</textBox>
</presentation>
<presentation id="ControlPanel_SendIDNNames_1">
<dropdownList refId="SelectIDNBehavior" noSort="true" defaultItem="1">Select the desired behavior</dropdownList>
</presentation>
<presentation id="ControlPanel_UTF8URLQuery_1">
<dropdownList refId="SelectUTF8URLQueryBehavior" noSort="true" defaultItem="0">Select the desired behavior</dropdownList>
</presentation>
<presentation id="Customized_UserAgent_String_1">
<textBox refId="EnterIEVersionPrompt">
<label>Enter IE Version String</label>
</textBox>
</presentation>
<presentation id="DHTMLEdit">
<checkBox refId="DHTMLEdit">DHTML Edit Control</checkBox>
</presentation>
<presentation id="Disable_Managing_Phishing_Filter_1">
<dropdownList refId="PhishingOptions">Select phishing filter mode</dropdownList>
</presentation>
<presentation id="Disable_Managing_Safety_Filter_IE8">
<dropdownList refId="IE8SafetyFilterOptions">Select SmartScreen Filter mode for Internet Explorer 8</dropdownList>
</presentation>
<presentation id="Disable_Managing_Safety_Filter_IE9">
<dropdownList refId="IE9SafetyFilterOptions">Select SmartScreen Filter mode</dropdownList>
</presentation>
<presentation id="Flash">
<checkBox refId="Flash">Shockwave Flash</checkBox>
</presentation>
<presentation id="FontSize">
<dropdownList refId="FontSizeDefault" noSort="true" defaultItem="2">Default Size</dropdownList>
</presentation>
<presentation id="HelpAbout128Pol">
<textBox refId="HelpAbout128Link">
<label>Cipher Strength Update Information URL:</label>
<defaultValue>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=128bit</defaultValue>
</textBox>
</presentation>
<presentation id="IESF_NPLRest_InternetZone_1">
<listBox refId="IESF_NPLRestrictionsList">Enter restricted protocols for this zone.</listBox>
</presentation>
<presentation id="IESF_Policy_BinaryBehaviorAdminAllow_1">
<listBox refId="IESF_BinaryBehaviorAdminAllow">Enter the allowed behaviors here.</listBox>
</presentation>
<presentation id="IESF_PolicyProcessList_1">
<listBox refId="IESF_PartnameProcessList">Process List:</listBox>
</presentation>
<presentation id="Investor">
<checkBox refId="InvestorChart_Control">MSN Investor Chart Control</checkBox>
<checkBox refId="MS_Investor_Ticker">MS Investor Ticker</checkBox>
</presentation>
<presentation id="IZ_Policy_AddressStatusBar_1">
<dropdownList refId="IZ_Partname2104" noSort="true" defaultItem="0">Open windows without address or status bars</dropdownList>
</presentation>
<presentation id="IZ_PolicyOnlyAllowApprovedDomainsToUseActiveXWithoutPrompt_DefaultOn">
<dropdownList refId="IZ_Partname120b" noSort="true" defaultItem="0">Only allow approved domains to use ActiveX controls without prompt</dropdownList>
</presentation>
<presentation id="IZ_PolicyOnlyAllowApprovedDomainsToUseActiveXWithoutPrompt_DefaultOff">
<dropdownList refId="IZ_Partname120b" noSort="true" defaultItem="1">Only allow approved domains to use ActiveX controls without prompt</dropdownList>
</presentation>
<presentation id="IZ_Policy_AllowDynsrcPlayback_1">
<dropdownList refId="IZ_Partname120A" noSort="true" defaultItem="0">Allow video and animation on a Web page that uses a legacy media player</dropdownList>
</presentation>
<presentation id="IZ_Policy_AllowScriptlets_1">
<dropdownList refId="IZ_Partname1209" noSort="true" defaultItem="0">Scriptlets</dropdownList>
</presentation>
<presentation id="IZ_Policy_FirstRunOptIn_1">
<dropdownList refId="IZ_Partname1208" noSort="true" defaultItem="0">First-Run Opt-In</dropdownList>
</presentation>
<presentation id="IZ_Policy_LocalPathForUpload_1">
<dropdownList refId="IZ_Partname160A" noSort="true" defaultItem="0">Include local directory path when uploading files to a server</dropdownList>
</presentation>
<presentation id="IZ_Policy_Phishing">
<dropdownList refId="IZ_Partname2301" noSort="true" defaultItem="0">Use SmartScreen Filter</dropdownList>
</presentation>
<presentation id="IZ_Policy_ScriptPrompt_1">
<dropdownList refId="IZ_Partname2105" noSort="true" defaultItem="0">Prompt for information using scripted windows</dropdownList>
</presentation>
<presentation id="IZ_Policy_ScriptStatusBar_1">
<dropdownList refId="IZ_Partname2103" noSort="true" defaultItem="0">Status bar updates via script</dropdownList>
</presentation>
<presentation id="IZ_Policy_TurnOnProtectedMode_1">
<dropdownList refId="IZ_Partname2500" noSort="true" defaultItem="0">Protected Mode</dropdownList>
</presentation>
<presentation id="IZ_PolicyTurnOnXSSFilter_DefaultOn">
<dropdownList refId="IZ_Partname1409" noSort="true" defaultItem="0">Turn on Cross-Site Scripting (XSS) Filter</dropdownList>
</presentation>
<presentation id="IZ_PolicyTurnOnXSSFilter_DefaultOff">
<dropdownList refId="IZ_Partname1409" noSort="true" defaultItem="1">Turn on Cross-Site Scripting (XSS) Filter</dropdownList>
</presentation>
<presentation id="IZ_Policy_UnsafeFiles_1">
<dropdownList refId="IZ_Partname1806" noSort="true" defaultItem="0">Launching programs and unsafe files</dropdownList>
</presentation>
<presentation id="IZ_Policy_WebBrowserApps">
<dropdownList refId="IZ_Partname2400" noSort="true" defaultItem="0">XAML browser applications</dropdownList>
</presentation>
<presentation id="IZ_Policy_WebBrowserControl_1">
<dropdownList refId="IZ_Partname1206" noSort="true" defaultItem="0">Internet Explorer web browser control</dropdownList>
</presentation>
<presentation id="IZ_Policy_WinFXRuntimeComponent">
<dropdownList refId="IZ_Partname2600" noSort="true" defaultItem="0">.NET Framework Setup</dropdownList>
</presentation>
<presentation id="IZ_Policy_XAML">
<dropdownList refId="IZ_Partname2402" noSort="true" defaultItem="0">XAML Files</dropdownList>
</presentation>
<presentation id="IZ_Policy_XPS">
<dropdownList refId="IZ_Partname2401" noSort="true" defaultItem="0">XPS documents</dropdownList>
</presentation>
<presentation id="IZ_PolicyAccessDataSourcesAcrossDomains_1">
<dropdownList refId="IZ_Partname1406" noSort="true" defaultItem="1">Access data sources across domains</dropdownList>
</presentation>
<presentation id="IZ_PolicyAccessDataSourcesAcrossDomains_10">
<dropdownList refId="IZ_Partname1406" noSort="true" defaultItem="0">Access data sources across domains</dropdownList>
</presentation>
<presentation id="IZ_PolicyAccessDataSourcesAcrossDomains_3">
<dropdownList refId="IZ_Partname1406" noSort="true" defaultItem="2">Access data sources across domains</dropdownList>
</presentation>
<presentation id="IZ_PolicyActiveScripting_1">
<dropdownList refId="IZ_Partname1400" noSort="true" defaultItem="0">Allow active scripting</dropdownList>
</presentation>
<presentation id="IZ_PolicyActiveScripting_10">
<dropdownList refId="IZ_Partname1400" noSort="true" defaultItem="2">Allow active scripting</dropdownList>
</presentation>
<presentation id="IZ_PolicyActiveScripting_7">
<dropdownList refId="IZ_Partname1400" noSort="true" defaultItem="1">Allow active scripting</dropdownList>
</presentation>
<presentation id="IZ_PolicyAllowMETAREFRESH_1">
<dropdownList refId="IZ_Partname1608" noSort="true" defaultItem="0">Allow META REFRESH</dropdownList>
</presentation>
<presentation id="IZ_PolicyAllowMETAREFRESH_7">
<dropdownList refId="IZ_Partname1608" noSort="true" defaultItem="1">Allow META REFRESH</dropdownList>
</presentation>
<presentation id="IZ_PolicyAllowPasteViaScript_1">
<dropdownList refId="IZ_Partname1407" noSort="true" defaultItem="0">Allow paste operations via script</dropdownList>
</presentation>
<presentation id="IZ_PolicyAllowPasteViaScript_7">
<dropdownList refId="IZ_Partname1407" noSort="true" defaultItem="1">Allow paste operations via script</dropdownList>
</presentation>
<presentation id="IZ_PolicyBinaryBehaviors_1">
<dropdownList refId="IZ_Partname2000" noSort="true" defaultItem="0">Allow Binary and Script Behaviors</dropdownList>
</presentation>
<presentation id="IZ_PolicyBinaryBehaviors_10">
<dropdownList refId="IZ_Partname2000" noSort="true" defaultItem="1">Allow Binary and Script Behaviors</dropdownList>
</presentation>
<presentation id="IZ_PolicyBinaryBehaviors_7">
<dropdownList refId="IZ_Partname2000" noSort="true" defaultItem="2">Allow Binary and Script Behaviors</dropdownList>
</presentation>
<presentation id="IZ_PolicyBlockPopupWindows_1">
<dropdownList refId="IZ_Partname1809" noSort="true" defaultItem="0">Use Pop-up Blocker</dropdownList>
</presentation>
<presentation id="IZ_PolicyBlockPopupWindows_10">
<dropdownList refId="IZ_Partname1809" noSort="true" defaultItem="1">Use Pop-up Blocker</dropdownList>
</presentation>
<presentation id="IZ_PolicyDisplayMixedContent_1">
<dropdownList refId="IZ_Partname1609" noSort="true" defaultItem="2">Display mixed content</dropdownList>
</presentation>
<presentation id="IZ_PolicyDownloadSignedActiveX_1">
<dropdownList refId="IZ_Partname1001" noSort="true" defaultItem="2">Download signed ActiveX controls</dropdownList>
</presentation>
<presentation id="IZ_PolicyDownloadSignedActiveX_10">
<dropdownList refId="IZ_Partname1001" noSort="true" defaultItem="0">Download signed ActiveX controls</dropdownList>
</presentation>
<presentation id="IZ_PolicyDownloadSignedActiveX_7">
<dropdownList refId="IZ_Partname1001" noSort="true" defaultItem="1">Download signed ActiveX controls</dropdownList>
</presentation>
<presentation id="IZ_PolicyDownloadUnsignedActiveX_1">
<dropdownList refId="IZ_Partname1004" noSort="true" defaultItem="1">Download unsigned ActiveX controls</dropdownList>
</presentation>
<presentation id="IZ_PolicyDownloadUnsignedActiveX_5">
<dropdownList refId="IZ_Partname1004" noSort="true" defaultItem="2">Download unsigned ActiveX controls</dropdownList>
</presentation>
<presentation id="IZ_PolicyDownloadUnsignedActiveX_9">
<dropdownList refId="IZ_Partname1004" noSort="true" defaultItem="0">Download unsigned ActiveX controls</dropdownList>
</presentation>
<presentation id="IZ_PolicyDropOrPasteFiles_1">
<dropdownList refId="IZ_Partname1802" noSort="true" defaultItem="0">Allow drag and drop or copy and paste files</dropdownList>
</presentation>
<presentation id="IZ_PolicyDropOrPasteFiles_7">
<dropdownList refId="IZ_Partname1802" noSort="true" defaultItem="2">Allow drag and drop or copy and paste files</dropdownList>
</presentation>
<presentation id="IZ_PolicyRenderLegacyFilters_DefaultEnable">
<dropdownList refId="IZ_Partname270B" noSort="true" defaultItem="0">Render legacy filters</dropdownList>
</presentation>
<presentation id="IZ_PolicyRenderLegacyFilters_DefaultDisable">
<dropdownList refId="IZ_Partname270B" noSort="true" defaultItem="1">Render legacy filters</dropdownList>
</presentation>
<presentation id="IZ_PolicyFileDownload_1">
<dropdownList refId="IZ_Partname1803" noSort="true" defaultItem="0">Allow file downloads</dropdownList>
</presentation>
<presentation id="IZ_PolicyFileDownload_7">
<dropdownList refId="IZ_Partname1803" noSort="true" defaultItem="1">Allow file downloads</dropdownList>
</presentation>
<presentation id="IZ_PolicyFontDownload_1">
<dropdownList refId="IZ_Partname1604" noSort="true" defaultItem="0">Allow font downloads</dropdownList>
</presentation>
<presentation id="IZ_PolicyFontDownload_7">
<dropdownList refId="IZ_Partname1604" noSort="true" defaultItem="2">Allow font downloads</dropdownList>
</presentation>
<presentation id="IZ_PolicyInstallDesktopItems_1">
<dropdownList refId="IZ_Partname1800" noSort="true" defaultItem="2">Allow installation of desktop items</dropdownList>
</presentation>
<presentation id="IZ_PolicyInstallDesktopItems_10">
<dropdownList refId="IZ_Partname1800" noSort="true" defaultItem="0">Allow installation of desktop items</dropdownList>
</presentation>
<presentation id="IZ_PolicyInstallDesktopItems_7">
<dropdownList refId="IZ_Partname1800" noSort="true" defaultItem="1">Allow installation of desktop items</dropdownList>
</presentation>
<presentation id="IZ_PolicyInternetZoneLockdownTemplate_1">
<dropdownList refId="IZ_PartnameInternetZoneLockdownTemplate" noSort="true" defaultItem="2">Locked-Down Internet</dropdownList>
</presentation>
<presentation id="IZ_PolicyInternetZoneTemplate_1">
<dropdownList refId="IZ_PartnameInternetZoneTemplate" noSort="true" defaultItem="2">Internet</dropdownList>
</presentation>
<presentation id="IZ_PolicyIntranetZoneLockdownTemplate_1">
<dropdownList refId="IZ_PartnameIntranetZoneLockdownTemplate" noSort="true" defaultItem="1">Locked-Down Intranet</dropdownList>
</presentation>
<presentation id="IZ_PolicyIntranetZoneTemplate_1">
<dropdownList refId="IZ_PartnameIntranetZoneTemplate" noSort="true" defaultItem="1">Intranet</dropdownList>
</presentation>
<presentation id="IZ_PolicyJavaPermissions_1">
<dropdownList refId="IZ_Partname1C00" noSort="true" defaultItem="0">Java permissions</dropdownList>
</presentation>
<presentation id="IZ_PolicyJavaPermissions_10">
<dropdownList refId="IZ_Partname1C00" noSort="true" defaultItem="4">Java permissions</dropdownList>
</presentation>
<presentation id="IZ_PolicyJavaPermissions_3">
<dropdownList refId="IZ_Partname1C00" noSort="true" defaultItem="1">Java permissions</dropdownList>
</presentation>
<presentation id="IZ_PolicyJavaPermissions_5">
<dropdownList refId="IZ_Partname1C00" noSort="true" defaultItem="2">Java permissions</dropdownList>
</presentation>
<presentation id="IZ_PolicyLaunchAppsAndFilesInIFRAME_1">
<dropdownList refId="IZ_Partname1804" noSort="true" defaultItem="2">Launching applications and files in an IFRAME</dropdownList>
</presentation>
<presentation id="IZ_PolicyLaunchAppsAndFilesInIFRAME_10">
<dropdownList refId="IZ_Partname1804" noSort="true" defaultItem="0">Launching applications and files in an IFRAME</dropdownList>
</presentation>
<presentation id="IZ_PolicyLaunchAppsAndFilesInIFRAME_7">
<dropdownList refId="IZ_Partname1804" noSort="true" defaultItem="1">Launching applications and files in an IFRAME</dropdownList>
</presentation>
<presentation id="IZ_PolicyLocalMachineZoneLockdownTemplate_1">
<dropdownList refId="IZ_PartnameLocalMachineZoneLockdownTemplate" noSort="true" defaultItem="4">Locked-Down Local Machine Zone</dropdownList>
</presentation>
<presentation id="IZ_PolicyLocalMachineZoneTemplate_1">
<dropdownList refId="IZ_PartnameLocalMachineZoneTemplate" noSort="true" defaultItem="0">Local Machine Zone</dropdownList>
</presentation>
<presentation id="IZ_PolicyLogon_1">
<dropdownList refId="IZ_Partname1A00" noSort="true" defaultItem="1">Logon options</dropdownList>
</presentation>
<presentation id="IZ_PolicyLogon_10">
<dropdownList refId="IZ_Partname1A00" noSort="true" defaultItem="2">Logon options</dropdownList>
</presentation>
<presentation id="IZ_PolicyLogon_7">
<dropdownList refId="IZ_Partname1A00" noSort="true" defaultItem="3">Logon options</dropdownList>
</presentation>
<presentation id="IZ_PolicyMimeSniffingURLaction_1">
<dropdownList refId="IZ_Partname2100" noSort="true" defaultItem="0">Enable MIME Sniffing</dropdownList>
</presentation>
<presentation id="IZ_PolicyMimeSniffingURLaction_10">
<dropdownList refId="IZ_Partname2100" noSort="true" defaultItem="1">Enable MIME Sniffing</dropdownList>
</presentation>
<presentation id="IZ_PolicyDragDropAcrossDomainsWithinWindow">
<dropdownList refId="IZ_Partname2708" noSort="true" defaultItem="1">Enable dragging of content from different domains within a window</dropdownList>
</presentation>
<presentation id="IZ_PolicyDragDropAcrossDomainsAcrossWindows">
<dropdownList refId="IZ_Partname2709" noSort="true" defaultItem="1">Enable dragging of content from different domains across windows</dropdownList>
</presentation>
<presentation id="IZ_PolicyNavigateSubframesAcrossDomains_1">
<dropdownList refId="IZ_Partname1607" noSort="true" defaultItem="0">Navigate windows and frames across different domains</dropdownList>
</presentation>
<presentation id="IZ_PolicyNavigateSubframesAcrossDomains_7">
<dropdownList refId="IZ_Partname1607" noSort="true" defaultItem="1">Navigate windows and frames across different domains</dropdownList>
</presentation>
<presentation id="IZ_PolicyNetworkProtocolLockdown_1">
<dropdownList refId="IZ_Partname2300" noSort="true" defaultItem="2">Allow active content over restricted protocols to access my computer</dropdownList>
</presentation>
<presentation id="IZ_PolicyNetworkProtocolLockdown_4">
<dropdownList refId="IZ_Partname2300" noSort="true" defaultItem="1">Allow active content over restricted protocols to access my computer</dropdownList>
</presentation>
<presentation id="IZ_PolicyNoPromptForOneOrNoClientCertificate_1">
<dropdownList refId="IZ_Partname1A04" noSort="true" defaultItem="1">Do not prompt for client certificate selection when no certificates or only one certificate exists.</dropdownList>
</presentation>
<presentation id="IZ_PolicyNoPromptForOneOrNoClientCertificate_3">
<dropdownList refId="IZ_Partname1A04" noSort="true" defaultItem="0">Do not prompt for client certificate selection when no certificates or only one certificate exists.</dropdownList>
</presentation>
<presentation id="IZ_PolicyNotificationBarActiveXURLaction_1">
<dropdownList refId="IZ_Partname2201" noSort="true" defaultItem="1">Automatic prompting for ActiveX controls</dropdownList>
</presentation>
<presentation id="IZ_PolicyNotificationBarActiveXURLaction_3">
<dropdownList refId="IZ_Partname2201" noSort="true" defaultItem="0">Automatic prompting for ActiveX controls</dropdownList>
</presentation>
<presentation id="IZ_PolicyNotificationBarDownloadURLaction_1">
<dropdownList refId="IZ_Partname2200" noSort="true" defaultItem="1">Automatic prompting for file downloads</dropdownList>
</presentation>
<presentation id="IZ_PolicyNotificationBarDownloadURLaction_3">
<dropdownList refId="IZ_Partname2200" noSort="true" defaultItem="0">Automatic prompting for file downloads</dropdownList>
</presentation>
<presentation id="IZ_PolicyRestrictedSitesZoneLockdownTemplate_1">
<dropdownList refId="IZ_PartnameRestrictedSitesZoneLockdownTemplate" noSort="true" defaultItem="4">Locked-Down Restricted Sites</dropdownList>
</presentation>
<presentation id="IZ_PolicyRestrictedSitesZoneTemplate_1">
<dropdownList refId="IZ_PartnameRestrictedSitesZoneTemplate" noSort="true" defaultItem="4">Restricted Sites</dropdownList>
</presentation>
<presentation id="IZ_PolicyRunActiveXControls_1">
<dropdownList refId="IZ_Partname1200" noSort="true" defaultItem="1">Run ActiveX controls and plugins</dropdownList>
</presentation>
<presentation id="IZ_PolicyRunActiveXControls_10">
<dropdownList refId="IZ_Partname1200" noSort="true" defaultItem="2">Run ActiveX controls and plugins</dropdownList>
</presentation>
<presentation id="IZ_PolicyScriptActiveXMarkedSafe_1">
<dropdownList refId="IZ_Partname1405" noSort="true" defaultItem="0">Script ActiveX controls marked safe for scripting</dropdownList>
</presentation>
<presentation id="IZ_PolicyScriptActiveXMarkedSafe_7">
<dropdownList refId="IZ_Partname1405" noSort="true" defaultItem="1">Script ActiveX controls marked safe for scripting</dropdownList>
</presentation>
<presentation id="IZ_PolicyAntiMalwareCheckingOfActiveXControls_1">
<dropdownList refId="IZ_Partname270C" noSort="true" defaultItem="1">Don't run antimalware programs against ActiveX controls</dropdownList>
</presentation>
<presentation id="IZ_PolicyAntiMalwareCheckingOfActiveXControls_3">
<dropdownList refId="IZ_Partname270C" noSort="true" defaultItem="0">Don't run antimalware programs against ActiveX controls</dropdownList>
</presentation>
<presentation id="IZ_PolicyScriptActiveXNotMarkedSafe_1">
<dropdownList refId="IZ_Partname1201" noSort="true" defaultItem="1">Initialize and script ActiveX controls not marked as safe</dropdownList>
</presentation>
<presentation id="IZ_PolicyScriptActiveXNotMarkedSafe_5">
<dropdownList refId="IZ_Partname1201" noSort="true" defaultItem="2">Initialize and script ActiveX controls not marked as safe</dropdownList>
</presentation>
<presentation id="IZ_PolicyScriptingOfJavaApplets_1">
<dropdownList refId="IZ_Partname1402" noSort="true" defaultItem="0">Scripting of Java applets</dropdownList>
</presentation>
<presentation id="IZ_PolicyScriptingOfJavaApplets_7">
<dropdownList refId="IZ_Partname1402" noSort="true" defaultItem="1">Scripting of Java applets</dropdownList>
</presentation>
<presentation id="IZ_PolicySignedFrameworkComponentsURLaction_1">
<dropdownList refId="IZ_Partname2001" noSort="true" defaultItem="0">Run .NET Framework-reliant components signed with Authenticode</dropdownList>
</presentation>
<presentation id="IZ_PolicySignedFrameworkComponentsURLaction_10">
<dropdownList refId="IZ_Partname2001" noSort="true" defaultItem="1">Run .NET Framework-reliant components signed with Authenticode</dropdownList>
</presentation>
<presentation id="IZ_PolicySoftwareChannelPermissions_1">
<dropdownList refId="IZ_Partname1E05" noSort="true" defaultItem="1">Software channel permissions</dropdownList>
</presentation>
<presentation id="IZ_PolicySoftwareChannelPermissions_10">
<dropdownList refId="IZ_Partname1E05" noSort="true" defaultItem="2">Software channel permissions</dropdownList>
</presentation>
<presentation id="IZ_PolicySoftwareChannelPermissions_7">
<dropdownList refId="IZ_Partname1E05" noSort="true" defaultItem="0">Software channel permissions</dropdownList>
</presentation>
<presentation id="IZ_PolicySubmitNonencryptedFormData_1">
<dropdownList refId="IZ_Partname1601" noSort="true" defaultItem="2">Submit non-encrypted form data</dropdownList>
</presentation>
<presentation id="IZ_PolicySubmitNonencryptedFormData_10">
<dropdownList refId="IZ_Partname1601" noSort="true" defaultItem="0">Submit non-encrypted form data</dropdownList>
</presentation>
<presentation id="IZ_PolicyTrustedSitesZoneLockdownTemplate_1">
<dropdownList refId="IZ_PartnameTrustedSitesZoneLockdownTemplate" noSort="true" defaultItem="0">Locked-Down Trusted Sites</dropdownList>
</presentation>
<presentation id="IZ_PolicyTrustedSitesZoneTemplate_1">
<dropdownList refId="IZ_PartnameTrustedSitesZoneTemplate" noSort="true" defaultItem="0">Trusted Sites</dropdownList>
</presentation>
<presentation id="IZ_PolicyUnsignedFrameworkComponentsURLaction_1">
<dropdownList refId="IZ_Partname2004" noSort="true" defaultItem="0">Run .NET Framework-reliant components not signed with Authenticode</dropdownList>
</presentation>
<presentation id="IZ_PolicyUnsignedFrameworkComponentsURLaction_10">
<dropdownList refId="IZ_Partname2004" noSort="true" defaultItem="1">Run .NET Framework-reliant components not signed with Authenticode</dropdownList>
</presentation>
<presentation id="IZ_PolicyUserdataPersistence_1">
<dropdownList refId="IZ_Partname1606" noSort="true" defaultItem="0">Userdata persistence</dropdownList>
</presentation>
<presentation id="IZ_PolicyUserdataPersistence_7">
<dropdownList refId="IZ_Partname1606" noSort="true" defaultItem="1">Userdata persistence</dropdownList>
</presentation>
<presentation id="IZ_PolicyWindowsRestrictionsURLaction_1">
<dropdownList refId="IZ_Partname2102" noSort="true" defaultItem="1">Allow script-initiated windows without size or position constraints</dropdownList>
</presentation>
<presentation id="IZ_PolicyWindowsRestrictionsURLaction_3">
<dropdownList refId="IZ_Partname2102" noSort="true" defaultItem="0">Allow script-initiated windows without size or position constraints</dropdownList>
</presentation>
<presentation id="IZ_PolicyZoneElevationURLaction_1">
<dropdownList refId="IZ_Partname2101" noSort="true" defaultItem="0">Web sites in less privileged Web content zones can navigate into this zone</dropdownList>
</presentation>
<presentation id="IZ_PolicyZoneElevationURLaction_10">
<dropdownList refId="IZ_Partname2101" noSort="true" defaultItem="1">Web sites in less privileged Web content zones can navigate into this zone</dropdownList>
</presentation>
<presentation id="IZ_PolicyZoneElevationURLaction_5">
<dropdownList refId="IZ_Partname2101" noSort="true" defaultItem="2">Web sites in less privileged Web content zones can navigate into this zone</dropdownList>
</presentation>
<presentation id="IZ_Zonemaps_1">
<listBox refId="IZ_ZonemapPrompt">Enter the zone assignments here.</listBox>
</presentation>
<presentation id="LinkColorPol">
<textBox refId="LinkColor">
<label>Link color</label>
<defaultValue>0,0,255</defaultValue>
</textBox>
</presentation>
<presentation id="LinkColorVisitedPol">
<textBox refId="LinkColorVisited">
<label>Visited link color</label>
<defaultValue>96,100,32</defaultValue>
</textBox>
</presentation>
<presentation id="MaxSubscription">
<decimalTextBox refId="MaxSubscriptionSize" spinStep="250">Maximum size of subscriptions in kilobytes:</decimalTextBox>
<decimalTextBox refId="MaxSubscriptionCount" spinStep="5">Maximum number of offline pages:</decimalTextBox>
<decimalTextBox refId="MinUpdateInterval" spinStep="60">Minimum number of minutes between scheduled updates:</decimalTextBox>
<decimalTextBox refId="UpdateExcludeBegin" spinStep="60">Time to begin preventing scheduled updates:</decimalTextBox>
<decimalTextBox refId="UpdateExcludeEnd" spinStep="60">Time to end preventing scheduled updates:</decimalTextBox>
<dropdownList refId="MaxWebcrawlLevels" noSort="true" defaultItem="0">Maximum offline page crawl depth:</dropdownList>
</presentation>
<presentation id="MediaSettings">
<checkBox refId="BlockMedia">Disable the Media Explorer Bar and auto-play feature</checkBox>
<checkBox refId="PlayByDefault" defaultChecked="true">Auto-Play Media files in the Media bar when enabled</checkBox>
</presentation>
<presentation id="Menu_Controls">
<checkBox refId="MCSiMenu">MCSiMenu</checkBox>
<checkBox refId="PopupMenu_Object">Popup Menu Object</checkBox>
<checkBox refId="Ikonic_Control">Ikonic Menu Control</checkBox>
</presentation>
<presentation id="Microsoft_Agent">
<checkBox refId="Microsoft_Agent_Control">Microsoft Agent Control</checkBox>
</presentation>
<presentation id="Microsoft_Chat">
<checkBox refId="Microsoft_MSChat_Control">MSChat Control</checkBox>
</presentation>
<presentation id="MSNBC">
<checkBox refId="NewsBrowser">MSNBC News Control</checkBox>
</presentation>
<presentation id="NetShowFile">
<checkBox refId="NetShowFile">NetShow File Transfer Control</checkBox>
</presentation>
<presentation id="NoFirstRunCustomise_1">
<dropdownList refId="FirstRunOptions">Select your choice</dropdownList>
</presentation>
<presentation id="NoTabBrowsingPopups_1">
<dropdownList refId="PopUpList">Select tabbed browsing pop-up behavior</dropdownList>
</presentation>
<presentation id="NoWindowReuse_1">
<dropdownList refId="SelectWindowReuse">Select where to open links</dropdownList>
</presentation>
<presentation id="OESettings">
<checkBox refId="OEVirus">Block attachments that could contain a virus</checkBox>
</presentation>
<presentation id="Persistence_FileLimits0">
<decimalTextBox refId="FileLimits_Domain0" defaultValue="1024">Per domain(in kilobytes)</decimalTextBox>
<decimalTextBox refId="FileLimits_Document0" defaultValue="128">Per document (in kilobytes)</decimalTextBox>
</presentation>
<presentation id="Persistence_FileLimits1">
<decimalTextBox refId="FileLimits_Domain1" defaultValue="10240">Per domain (in kilobytes)</decimalTextBox>
<decimalTextBox refId="FileLimits_Document1" defaultValue="512">Per document (in kilobytes)</decimalTextBox>
</presentation>
<presentation id="Persistence_FileLimits2">
<decimalTextBox refId="FileLimits_Domain2" defaultValue="1024">Per domain (in kilobytes)</decimalTextBox>
<decimalTextBox refId="FileLimits_Document2" defaultValue="128">Per document (in kilobytes)</decimalTextBox>
</presentation>
<presentation id="Persistence_FileLimits3">
<decimalTextBox refId="FileLimits_Domain3" defaultValue="1024">Per domain (in kilobytes)</decimalTextBox>
<decimalTextBox refId="FileLimits_Document3" defaultValue="128">Per document (in kilobytes)</decimalTextBox>
</presentation>
<presentation id="Persistence_FileLimits4">
<decimalTextBox refId="FileLimits_Domain4" defaultValue="640">Per domain (in kilobytes)</decimalTextBox>
<decimalTextBox refId="FileLimits_Document4" defaultValue="64">Per document (in kilobytes)</decimalTextBox>
</presentation>
<presentation id="PopupBlocker_AllowList_1">
<listBox refId="PopupBlocker_AllowListPrompt">Enter the list of sites here.</listBox>
</presentation>
<presentation id="RestrictFormSuggestPW">
<checkBox refId="ChkBox_PasswordAsk">Prompt me to save passwords</checkBox>
</presentation>
<presentation id="RestrictHistory_1">
<decimalTextBox refId="DaysToKeep_Prompt" defaultValue="20">Days to keep pages in History</decimalTextBox>
</presentation>
<presentation id="RestrictHomePage">
<textBox refId="EnterHomePagePrompt">
<label>Home Page</label>
</textBox>
</presentation>
<presentation id="Scriptlet">
<checkBox refId="Scriptlet">Microsoft Scriptlet Component</checkBox>
</presentation>
<presentation id="Survey">
<checkBox refId="Survey">Microsoft Survey Control</checkBox>
</presentation>
<presentation id="TabOpenInFgndBgnd_1">
<dropdownList refId="ForeGndBackGnd">Select tab opening position</dropdownList>
</presentation>
<presentation id="TextColorPol">
<textBox refId="TextColor">
<label>Text color</label>
<defaultValue>0,0,0</defaultValue>
</textBox>
</presentation>
<presentation id="ToolbarButtons">
<checkBox refId="Btn_Back">Show Back button</checkBox>
<checkBox refId="Btn_Forward">Show Forward button</checkBox>
<checkBox refId="Btn_Stop">Show Stop button</checkBox>
<checkBox refId="Btn_Refresh">Show Refresh button</checkBox>
<checkBox refId="Btn_Home">Show Home button</checkBox>
<checkBox refId="Btn_Search">Show Search button</checkBox>
<checkBox refId="Btn_Favorites">Show Favorites button</checkBox>
<checkBox refId="Btn_History">Show History button</checkBox>
<checkBox refId="Btn_Folders">Show Folders button</checkBox>
<checkBox refId="Btn_Fullscreen">Show Fullscreen button</checkBox>
<checkBox refId="Btn_Tools">Show Tools button</checkBox>
<checkBox refId="Btn_MailNews">Show Mail button</checkBox>
<checkBox refId="Btn_Size">Show Font size button</checkBox>
<checkBox refId="Btn_Print">Show Print button</checkBox>
<checkBox refId="Btn_Edit">Show Edit button</checkBox>
<checkBox refId="Btn_Discussions">Show Discussions button</checkBox>
<checkBox refId="Btn_Cut">Show Cut button</checkBox>
<checkBox refId="Btn_Copy">Show Copy button</checkBox>
<checkBox refId="Btn_Paste">Show Paste button</checkBox>
<checkBox refId="Btn_Encoding">Show Encoding button</checkBox>
</presentation>
<presentation id="TopResultPol">
<dropdownList refId="TopResult" noSort="true" defaultItem="0">When searching from the Address bar:</dropdownList>
</presentation>
<presentation id="UnderlineLinksPol">
<dropdownList refId="UnderlineLinks" noSort="true" defaultItem="0">Underline links</dropdownList>
</presentation>
<presentation id="UpdateIntervalPol">
<decimalTextBox refId="UpdateInterval" defaultValue="30">Update check interval (in days):</decimalTextBox>
</presentation>
<presentation id="UpdatePagePol">
<textBox refId="UpdatePage">
<label>URL to be displayed for updates:</label>
<defaultValue>http://www.microsoft.com/isapi/redir.dll?Prd=ie&Pver=5.0&Ar=ie5update</defaultValue>
</textBox>
</presentation>
<presentation id="URLFailsPol">
<dropdownList refId="URLFails" noSort="true" defaultItem="0">When searching from the address bar:</dropdownList>
</presentation>
<presentation id="IESF_MaxConnectionPerServer_1">
<decimalTextBox refId="IESF_MaxConnections" defaultValue="6">Maximum number of connections:</decimalTextBox>
</presentation>
<presentation id="IESF_WebSocketMaxConnectionsPerServer">
<decimalTextBox refId="IESF_WebSocketMaxConnections" defaultValue="6">Maximum number of connections:</decimalTextBox>
</presentation>
<presentation id="Advanced_SetWinInetProtocols">
<!-- defaultItem is zero based index into the item enumeration defined in inetres.admx. We want this to point at 'Use SSL 3.0 and TLS 1.0', the current default for IE -->
<dropdownList refId="Advanced_WinInetProtocolOptions" noSort="true" defaultItem="6">Secure Protocol combinations</dropdownList>
</presentation>
<presentation id="NewTabAction_1">
<dropdownList refId="NewTabActionOptions" noSort="true" defaultItem="2">New tab behavior</dropdownList>
</presentation>
<presentation id="SecondaryHomePages">
<listBox refId="SecondaryHomePagesList">Secondary home pages</listBox>
</presentation>
<presentation id="SetCommandLabels_1">
<dropdownList refId="CommandLabelOptions" noSort="true" defaultItem="0">Command Labeling</dropdownList>
</presentation>
<presentation id="TabProcGrowth">
<textBox refId="TabProcGrowthPart">
<label>Tab Process Growth</label>
</textBox>
</presentation>
<presentation id="InPrivateBlockingThresholdV8">
<decimalTextBox refId="InPrivateBlockingThresholdV8Value" defaultValue="10">Threshold (3-30):</decimalTextBox>
</presentation>
<presentation id="InPrivateBlockingThresholdV9">
<decimalTextBox refId="InPrivateBlockingThresholdV9Value" defaultValue="10">Threshold (3-30):</decimalTextBox>
</presentation>
<presentation id="DeployAccelerators">
<listBox refId="DeployAcceleratorsInstall">List of non-default Accelerators to install</listBox>
</presentation>
<presentation id="DeployDefaultAccelerators">
<listBox refId="DeployAcceleratorsDefaults">List of default Accelerators to install</listBox>
</presentation>
<presentation id="CompatView_UsePolicyList_1">
<listBox refId="CompatView_SiteList">List of sites</listBox>
</presentation>
<presentation id="CompatView_UseQuirksPolicyList">
<listBox refId="QuirksMode_SiteList">List of sites</listBox>
</presentation>
<presentation id="DefaultDomainCacheLimitInMB">
<decimalTextBox refId="DefaultDomainCacheLimitInMBPart" defaultValue="10">Set default storage limits for websites</decimalTextBox>
</presentation>
<presentation id="IndexedDB_MaxTrustedDomainLimitInMB">
<decimalTextBox refId="IndexedDB_MaxTrustedDomainLimitInMBPart" defaultValue="500">Set indexed database storage limits for individual domains</decimalTextBox>
</presentation>
<presentation id="IndexedDB_TotalLimitInMB">
<decimalTextBox refId="IndexedDB_TotalLimitInMBPart" defaultValue="4096">Set maximum indexed database storage limit for all domains</decimalTextBox>
</presentation>
<presentation id="AppCache_MaxTrustedDomainLimitInMB">
<decimalTextBox refId="AppCache_MaxTrustedDomainLimitInMBPart" defaultValue="50">Domain Storage Limit</decimalTextBox>
</presentation>
<presentation id="AppCache_TotalLimitInMB">
<decimalTextBox refId="AppCache_TotalLimitInMBPart" defaultValue="1024">Total Storage Limit</decimalTextBox>
</presentation>
<presentation id="AppCache_GarbageCollectionThresholdInDays">
<decimalTextBox refId="AppCache_GarbageCollectionThresholdInDaysPart" defaultValue="30">Number of days</decimalTextBox>
</presentation>
<presentation id="AppCache_ManifestResourceQuota">
<decimalTextBox refId="AppCache_ManifestResourceQuotaPart" defaultValue="1000">Number of resources</decimalTextBox>
</presentation>
<presentation id="AppCache_ManifestSingleResourceQuotaInMB">
<decimalTextBox refId="AppCache_ManifestSingleResourceQuotaInMBPart" defaultValue="50">Maximum resource size</decimalTextBox>
</presentation>
<presentation id="DefaultLinksView_1">
<dropdownList refId="DefaultViewOptions" noSort="true" defaultItem="0">Default browser launch behavior for links</dropdownList>
</presentation>
</presentationTable>
</resources>
</policyDefinitionResources>