Datenschutz und Sicherheit in Microsoft Edge über GPO
26. Juli 2018
Microsoft Edge
Verhindern, dass Microsoft Edge Live-Kachel-Informationen erfasst, wenn eione Website an das Startmenü angeheftet wird /
Zugriff auf die Seite „about:flags“ in Microsoft Edge verhindern /
Erweiterte Datenschutz und Sicherheitseinstellungen über GPO für Microsoft Edge.
Hier finden Sie einige Einstellungen die von meiner Seite relevant sind. Weitere Einstellungen wie z.B. Sperren einzelner Webseiten, Entwicklertools, Auto Update, Suchmaschinen werden hier nicht berücksichtigt.
Allgemein
Computerkonfiguration\Richtlinien\Administrative Vorlagen\Windows Komponenten\Microsoft EdgeComputer Configuration\Policies\Administrative Templates\Windows Components\Microsoft EdgeAdobe Flash zulassen / Allow Adobe Flash
Status: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Addons!FlashPlayerEnabled
REG_DWORD: 0HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\MicrosoftEdge\Addons!FlashPlayerEnabled
REG_DWORD: 0DNT konfigurieren / Configure Do Not Track
Status: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!DoNotTrack
REG_DWORD: 0HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!DoNotTrack
REG_DWORD: 0Erweiterte Telemetrie für Registerkarte „Bücher“ zulassen / Allow extended telemetry for the Books tab
Status: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\BooksLibrary!EnableExtendedBooksTelemetry
REG_DWORD: 0HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\BooksLibrary!EnableExtendedBooksTelemetry
REG_DWORD: 0Erweiterungen zulassen / Allow Extensions
Status: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Extensions!ExtensionsEnabled
REG_DWORD: 0HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Extensions!ExtensionsEnabled
REG_DWORD: 0Klick-und-Los-Einstellung für Adobe Flash konfigurieren / Configure the Adobe Flash Click-to-Run setting
Status: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Security!FlashClickToRunMode
REG_DWORD: 0HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Security!FlashClickToRunMode
REG_DWORD: 0Konfigurationsupdates für die Bücherbibliothek zulassen / Allow configuration updates for the Books Library
Status: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\BooksLibrary!AllowConfigurationUpdateForBooksLibrary
REG_DWORD: 0HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\MicrosoftEdge\BooksLibrary!AllowConfigurationUpdateForBooksLibrary
REG_DWORD: 0Löschen von Browserdaten beim Beenden zulassen / Allow clearing browsing data on exit
Status: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Privacy!ClearBrowsingHistoryOnExit
REG_DWORD: 1HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Privacy!ClearBrowsingHistoryOnExit
REG_DWORD: 1Suchvorschläge in Adressleiste konfigurieren / Configure search suggestions in Address bar
Status: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\SearchScopes!ShowSearchSuggestionsGlobal
REG_DWORD: 0HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\SearchScopes!ShowSearchSuggestionsGlobal
REG_DWORD: 0Umgehung der Windows Defender SmartScreen-Aufforderung für Dateien verhindern / Prevent bypassing Windows Defender SmartScreen prompts for files
Status: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter!PreventOverrideAppRepUnknown
REG_DWORD: 1HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter!PreventOverrideAppRepUnknown
REG_DWORD: 1Umgehung der Windows Defender SmartScreen-Aufforderungen für Websites verhindern / Prevent bypassing Windows Defender SmartScreen prompts for sites
Status: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter!PreventOverride
REG_DWORD: 1HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter!PreventOverride
REG_DWORD: 1Verhindern, dass die Einrichtungs-Webseite in Microsoft Edge geöffnet wird / Prevent the First Run webpage from opening on Microsoft Edge
Status: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!PreventFirstRunPage
REG_DWORD: 1HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!PreventFirstRunPage
REG_DWORD: 1Verhindern, dass Microsoft Edge beim Starten von Windows und bei jedem Schließen von Microsoft Edge die Startseite und die Seite „neue Registerkarte“ startet und lädt / Prevent Microsoft Edge from starting and loading the Start and New Tab page at Windows startup and eache time Microsoft Edge ist closed
Stauts: Aktiviert
Wert auswahl: Vorabladen von Registerkarten verhindern (Prevent Tab preloading)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader!PreventTabPreloading
REG_DWORD: 1HKEY_LOCAL_ACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\TabPreloader!PreventTabPreloading
REG_DWORD: 1Verhindern, dass Microsoft Edge Live-Kachel-Informationen erfasst, wenn eione Website an das Startmenü angeheftet wird /
Prevent Microsoft Edge from gathering Live Tile information when pinning a site to Start
Status: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!PreventLiveTileDataCollection
REG_DWORD: 1HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!PreventLiveTileDataCollection
REG_DWORD: 1Verwendung der Localhost IP-Addresse für WebRTC verhindern / Prevent using Localhost IP address for WebRTC
Status: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!HideLocalHostIP
REG_DWORD: 1HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!HideLocalHostIP
REG_DWORD: 1Vorschläge in Dropdownliste der Adressleiste zulassen / Allow Address bar drop-down list suggestions
Status: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\ServiceUI!ShowOneBox
REG_DWORD: 0HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\ServiceUI!ShowOneBox
REG_DWORD: 0Windows Defender SmartScreen konfigurieren / Configure Windows Defender SmartScreen
Status: Deaktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter!EnabledV9
REG_DWORD: 0HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter!EnabledV9
REG_DWORD: 0Zugriff auf die Seite „about:flags“ in Microsoft Edge verhindern /
Prevent access to the about:flags page in Microsoft Edge
Status: Aktiviert
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!PreventAccessToAboutflagsInMicrosoftEdge
REG_DWORD: 1HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!PreventAccessToAboutflagsInMicrosoftEdge
REG_DWORD: 1Powershell Skript für vorherige Konfiguration
# Registry eintraege - deaktivieren
$reg = @(
# Einstellungen Sync
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Addons";name="FlashPlayerEnabled ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Addons";name="FlashPlayerEnabled ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="DoNotTrack ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="DoNotTrack ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\BooksLibrary";name="EnableExtendedBooksTelemetry ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\BooksLibrary";name="EnableExtendedBooksTelemetry ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Extensions";name="ExtensionsEnabled ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Extensions";name="ExtensionsEnabled ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Security";name="FlashClickToRunMode ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Security";name="FlashClickToRunMode ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\BooksLibrary";name="AllowConfigurationUpdateForBooksLibrary ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\BooksLibrary";name="AllowConfigurationUpdateForBooksLibrary ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Privacy";name="ClearBrowsingHistoryOnExit ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Privacy";name="ClearBrowsingHistoryOnExit ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\SearchScopes";name="ShowSearchSuggestionsGlobal ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\SearchScopes";name="ShowSearchSuggestionsGlobal ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="PreventOverrideAppRepUnknown";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="PreventOverrideAppRepUnknown";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="PreventOverride ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="PreventOverride ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="PreventFirstRunPage ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="PreventFirstRunPage ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader";name="PreventTabPreloading ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\TabPreloader";name="PreventTabPreloading ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="PreventLiveTileDataCollection ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="PreventLiveTileDataCollection ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="HideLocalHostIP ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="HideLocalHostIP ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\ServiceUI";name="ShowOneBox ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\ServiceUI";name="ShowOneBox ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="EnabledV9 ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="EnabledV9 ";value="0";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="PreventAccessToAboutflagsInMicrosoftEdge ";value="1";type="DWord"}
[PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="PreventAccessToAboutflagsInMicrosoftEdge ";value="1";type="DWord"}
)
# Reg-Eintraege schreiben
foreach($r in $reg){
if(Test-Path $r.path){
New-ItemProperty -Path $r.path -Name $r.name -Value $r.value -PropertyType $r.type -Force | Out-Null
}
else{
New-Item -Path $r.path -Force | Out-Null
New-ItemProperty -Path $r.path -Name $r.name -Value $r.value -PropertyType $r.type -Force | Out-Null
}
}
Ein Kommentar
Pingback: