Datenschutz und Sicherheit in Microsoft Edge über GPO
Erweiterte Datenschutz und Sicherheitseinstellungen über GPO für Microsoft Edge.
Hier finden Sie einige Einstellungen die von meiner Seite relevant sind. Weitere Einstellungen wie z.B. Sperren einzelner Webseiten, Entwicklertools, Auto Update, Suchmaschinen werden hier nicht berücksichtigt.
Allgemein
Computerkonfiguration\Richtlinien\Administrative Vorlagen\Windows Komponenten\Microsoft Edge
Computer Configuration\Policies\Administrative Templates\Windows Components\Microsoft Edge
Adobe Flash zulassen
Allow Adobe FlashStatus: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Addons!FlashPlayerEnabled REG_DWORD: 0 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\MicrosoftEdge\Addons!FlashPlayerEnabled REG_DWORD: 0
DNT konfigurieren
Configure Do Not Track
Status: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!DoNotTrack REG_DWORD: 0 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!DoNotTrack REG_DWORD: 0
Erweiterte Telemetrie für Registerkarte „Bücher“ zulassen
Allow extended telemetry for the Books tabStatus: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\BooksLibrary!EnableExtendedBooksTelemetry REG_DWORD: 0 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\BooksLibrary!EnableExtendedBooksTelemetry REG_DWORD: 0
Erweiterungen zulassen
Allow ExtensionsStatus: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Extensions!ExtensionsEnabled REG_DWORD: 0 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Extensions!ExtensionsEnabled REG_DWORD: 0
Klick-und-Los-Einstellung für Adobe Flash konfigurieren
Configure the Adobe Flash Click-to-Run settingStatus: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Security!FlashClickToRunMode REG_DWORD: 0 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Security!FlashClickToRunMode REG_DWORD: 0
Konfigurationsupdates für die Bücherbibliothek zulassen
Allow configuration updates for the Books LibraryStatus: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\BooksLibrary!AllowConfigurationUpdateForBooksLibrary REG_DWORD: 0 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\MicrosoftEdge\BooksLibrary!AllowConfigurationUpdateForBooksLibrary REG_DWORD: 0
Löschen von Browserdaten beim Beenden zulassen
Allow clearing browsing data on exitStatus: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Privacy!ClearBrowsingHistoryOnExit REG_DWORD: 1 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Privacy!ClearBrowsingHistoryOnExit REG_DWORD: 1
Suchvorschläge in Adressleiste konfigurieren
Configure search suggestions in Address barStatus: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\SearchScopes!ShowSearchSuggestionsGlobal REG_DWORD: 0 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\SearchScopes!ShowSearchSuggestionsGlobal REG_DWORD: 0
Umgehung der Windows Defender SmartScreen-Aufforderung für Dateien verhindern
Prevent bypassing Windows Defender SmartScreen prompts for filesStatus: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter!PreventOverrideAppRepUnknown REG_DWORD: 1 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter!PreventOverrideAppRepUnknown REG_DWORD: 1
Umgehung der Windows Defender SmartScreen-Aufforderungen für Websites verhindern
Prevent bypassing Windows Defender SmartScreen prompts for sitesStatus: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter!PreventOverride REG_DWORD: 1 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter!PreventOverride REG_DWORD: 1
Verhindern, dass die Einrichtungs-Webseite in Microsoft Edge geöffnet wird
Prevent the First Run webpage from opening on Microsoft EdgeStatus: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!PreventFirstRunPage REG_DWORD: 1 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!PreventFirstRunPage REG_DWORD: 1
Verhindern, dass Microsoft Edge beim Starten von Windows und bei jedem Schließen von Microsoft Edge die Startseite und die Seite „neue Registerkarte“ startet und lädt
Prevent Microsoft Edge from starting and loading the Start and New Tab page at Windows startup and eache time Microsoft Edge ist closed
Stauts: Aktiviert
Wert auswahl: Vorabladen von Registerkarten verhindern (Prevent Tab preloading)HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader!PreventTabPreloading REG_DWORD: 1 HKEY_LOCAL_ACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\TabPreloader!PreventTabPreloading REG_DWORD: 1
Verhindern, dass Microsoft Edge Live-Kachel-Informationen erfasst, wenn eione Website an das Startmenü angeheftet wird
Prevent Microsoft Edge from gathering Live Tile information when pinning a site to StartStatus: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!PreventLiveTileDataCollection REG_DWORD: 1 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!PreventLiveTileDataCollection REG_DWORD: 1
Verwendung der Localhost IP-Addresse für WebRTC verhindern
Prevent using Localhost IP address for WebRTCStatus: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!HideLocalHostIP REG_DWORD: 1 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!HideLocalHostIP REG_DWORD: 1
Vorschläge in Dropdownliste der Adressleiste zulassen
Allow Address bar drop-down list suggestionsStatus: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\ServiceUI!ShowOneBox REG_DWORD: 0 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\ServiceUI!ShowOneBox REG_DWORD: 0
Windows Defender SmartScreen konfigurieren
Configure Windows Defender SmartScreenStatus: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter!EnabledV9 REG_DWORD: 0 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter!EnabledV9 REG_DWORD: 0
Zugriff auf die Seite „about:flags“ in Microsoft Edge verhindern
Prevent access to the about:flags page in Microsoft EdgeStatus: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!PreventAccessToAboutflagsInMicrosoftEdge REG_DWORD: 1 HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!PreventAccessToAboutflagsInMicrosoftEdge REG_DWORD: 1
Skript für vorherige Konfiguration
# Registry eintraege - deaktivieren
$reg = @(
# Einstellungen Sync
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Addons";name="FlashPlayerEnabled ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Addons";name="FlashPlayerEnabled ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="DoNotTrack ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="DoNotTrack ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\BooksLibrary";name="EnableExtendedBooksTelemetry ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\BooksLibrary";name="EnableExtendedBooksTelemetry ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Extensions";name="ExtensionsEnabled ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Extensions";name="ExtensionsEnabled ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Security";name="FlashClickToRunMode ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Security";name="FlashClickToRunMode ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\BooksLibrary";name="AllowConfigurationUpdateForBooksLibrary ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\BooksLibrary";name="AllowConfigurationUpdateForBooksLibrary ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Privacy";name="ClearBrowsingHistoryOnExit ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Privacy";name="ClearBrowsingHistoryOnExit ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\SearchScopes";name="ShowSearchSuggestionsGlobal ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\SearchScopes";name="ShowSearchSuggestionsGlobal ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="PreventOverrideAppRepUnknown";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="PreventOverrideAppRepUnknown";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="PreventOverride ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="PreventOverride ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="PreventFirstRunPage ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="PreventFirstRunPage ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader";name="PreventTabPreloading ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\TabPreloader";name="PreventTabPreloading ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="PreventLiveTileDataCollection ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="PreventLiveTileDataCollection ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="HideLocalHostIP ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="HideLocalHostIP ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\ServiceUI";name="ShowOneBox ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\ServiceUI";name="ShowOneBox ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="EnabledV9 ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="EnabledV9 ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="PreventAccessToAboutflagsInMicrosoftEdge ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="PreventAccessToAboutflagsInMicrosoftEdge ";value="1";type="DWord"}
)
# Reg-Eintraege schreiben
foreach($r in $reg){
if(Test-Path $r.path){
New-ItemProperty -Path $r.path -Name $r.name -Value $r.value -PropertyType $r.type -Force | Out-Null
}
else{
New-Item -Path $r.path -Force | Out-Null
New-ItemProperty -Path $r.path -Name $r.name -Value $r.value -PropertyType $r.type -Force | Out-Null
}
}
Ein Kommentar
Pingback: