Datenschutz und Sicherheit in Microsoft Edge über GPO

Datenschutz und Sicherheit in Microsoft Edge über GPO

Erweiterte Datenschutz und Sicherheitseinstellungen über GPO für Microsoft Edge.

Hier finden Sie einige Einstellungen die von meiner Seite relevant sind. Weitere Einstellungen wie z.B. Sperren einzelner Webseiten, Entwicklertools, Auto Update, Suchmaschinen werden hier nicht berücksichtigt.

Microsoft Edge
Microsoft Edge

Allgemein

Computerkonfiguration\Richtlinien\Administrative Vorlagen\Windows Komponenten\Microsoft Edge
Computer Configuration\Policies\Administrative Templates\Windows Components\Microsoft Edge

Adobe Flash zulassen
Allow Adobe Flash

Status: Deaktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Addons!FlashPlayerEnabled
REG_DWORD: 0
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\MicrosoftEdge\Addons!FlashPlayerEnabled
REG_DWORD: 0

DNT konfigurieren
Configure Do Not Track

Status: Deaktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!DoNotTrack
REG_DWORD: 0
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!DoNotTrack
REG_DWORD: 0

Erweiterte Telemetrie für Registerkarte „Bücher“ zulassen
Allow extended telemetry for the Books tab

Status: Deaktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\BooksLibrary!EnableExtendedBooksTelemetry
REG_DWORD: 0
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\BooksLibrary!EnableExtendedBooksTelemetry
REG_DWORD: 0

Erweiterungen zulassen
Allow Extensions

Status: Deaktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Extensions!ExtensionsEnabled
REG_DWORD: 0
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Extensions!ExtensionsEnabled
REG_DWORD: 0

Klick-und-Los-Einstellung für Adobe Flash konfigurieren
Configure the Adobe Flash Click-to-Run setting

Status: Deaktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Security!FlashClickToRunMode
REG_DWORD: 0
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Security!FlashClickToRunMode
REG_DWORD: 0

Konfigurationsupdates für die Bücherbibliothek zulassen
Allow configuration updates for the Books Library

Status: Deaktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\BooksLibrary!AllowConfigurationUpdateForBooksLibrary
REG_DWORD: 0
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\MicrosoftEdge\BooksLibrary!AllowConfigurationUpdateForBooksLibrary
REG_DWORD: 0

Löschen von Browserdaten beim Beenden zulassen
Allow clearing browsing data on exit

Status: Aktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Privacy!ClearBrowsingHistoryOnExit
REG_DWORD: 1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Privacy!ClearBrowsingHistoryOnExit
REG_DWORD: 1

Suchvorschläge in Adressleiste konfigurieren
Configure search suggestions in Address bar

Status: Deaktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\SearchScopes!ShowSearchSuggestionsGlobal
REG_DWORD: 0
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\SearchScopes!ShowSearchSuggestionsGlobal
REG_DWORD: 0

Umgehung der Windows Defender SmartScreen-Aufforderung für Dateien verhindern
Prevent bypassing Windows Defender SmartScreen prompts for files

Status: Aktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter!PreventOverrideAppRepUnknown
REG_DWORD: 1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter!PreventOverrideAppRepUnknown
REG_DWORD: 1

Umgehung der Windows Defender SmartScreen-Aufforderungen für Websites verhindern
Prevent bypassing Windows Defender SmartScreen prompts for sites

Status: Aktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter!PreventOverride
REG_DWORD: 1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter!PreventOverride
REG_DWORD: 1

Verhindern, dass die Einrichtungs-Webseite in Microsoft Edge geöffnet wird
Prevent the First Run webpage from opening on Microsoft Edge

Status: Aktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!PreventFirstRunPage
REG_DWORD: 1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!PreventFirstRunPage
REG_DWORD: 1

Verhindern, dass Microsoft Edge beim Starten von Windows und bei jedem Schließen von Microsoft Edge die Startseite und die Seite „neue Registerkarte“ startet und lädt
Prevent Microsoft Edge from starting and loading the Start and New Tab page at Windows startup and eache time Microsoft Edge ist closed

Stauts: Aktiviert
Wert auswahl: Vorabladen von Registerkarten verhindern (Prevent Tab preloading)

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader!PreventTabPreloading
REG_DWORD: 1
HKEY_LOCAL_ACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\TabPreloader!PreventTabPreloading
REG_DWORD: 1

Verhindern, dass Microsoft Edge Live-Kachel-Informationen erfasst, wenn eione Website an das Startmenü angeheftet wird
Prevent Microsoft Edge from gathering Live Tile information when pinning a site to Start

Status: Aktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!PreventLiveTileDataCollection
REG_DWORD: 1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!PreventLiveTileDataCollection
REG_DWORD: 1

Verwendung der Localhost IP-Addresse für WebRTC verhindern
Prevent using Localhost IP address for WebRTC

Status: Aktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!HideLocalHostIP
REG_DWORD: 1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!HideLocalHostIP
REG_DWORD: 1

Vorschläge in Dropdownliste der Adressleiste zulassen
Allow Address bar drop-down list suggestions

Status: Deaktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\ServiceUI!ShowOneBox
REG_DWORD: 0
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\ServiceUI!ShowOneBox
REG_DWORD: 0

Windows Defender SmartScreen konfigurieren
Configure Windows Defender SmartScreen

Status: Deaktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter!EnabledV9
REG_DWORD: 0
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter!EnabledV9
REG_DWORD: 0

Zugriff auf die Seite „about:flags“ in Microsoft Edge verhindern
Prevent access to the about:flags page in Microsoft Edge

Status: Aktiviert

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main!PreventAccessToAboutflagsInMicrosoftEdge
REG_DWORD: 1
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main!PreventAccessToAboutflagsInMicrosoftEdge
REG_DWORD: 1

Skript für vorherige Konfiguration

# Registry eintraege - deaktivieren
$reg = @(    
    # Einstellungen Sync
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Addons";name="FlashPlayerEnabled ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Addons";name="FlashPlayerEnabled ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="DoNotTrack ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="DoNotTrack ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\BooksLibrary";name="EnableExtendedBooksTelemetry ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\BooksLibrary";name="EnableExtendedBooksTelemetry ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Extensions";name="ExtensionsEnabled ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Extensions";name="ExtensionsEnabled ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Security";name="FlashClickToRunMode ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Security";name="FlashClickToRunMode ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\BooksLibrary";name="AllowConfigurationUpdateForBooksLibrary ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\BooksLibrary";name="AllowConfigurationUpdateForBooksLibrary ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Privacy";name="ClearBrowsingHistoryOnExit ";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Privacy";name="ClearBrowsingHistoryOnExit ";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\SearchScopes";name="ShowSearchSuggestionsGlobal ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\SearchScopes";name="ShowSearchSuggestionsGlobal ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="PreventOverrideAppRepUnknown";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="PreventOverrideAppRepUnknown";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="PreventOverride ";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="PreventOverride ";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="PreventFirstRunPage ";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="PreventFirstRunPage ";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\TabPreloader";name="PreventTabPreloading ";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\TabPreloader";name="PreventTabPreloading ";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="PreventLiveTileDataCollection ";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="PreventLiveTileDataCollection ";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="HideLocalHostIP ";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="HideLocalHostIP ";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\ServiceUI";name="ShowOneBox ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\ServiceUI";name="ShowOneBox ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="EnabledV9 ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\PhishingFilter";name="EnabledV9 ";value="0";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main";name="PreventAccessToAboutflagsInMicrosoftEdge ";value="1";type="DWord"}
    [PSCustomObject]@{path="HKLM:\SOFTWARE\WOW6432Node\Policies\Microsoft\MicrosoftEdge\Main";name="PreventAccessToAboutflagsInMicrosoftEdge ";value="1";type="DWord"}
)

# Reg-Eintraege schreiben
foreach($r in $reg){
    if(Test-Path $r.path){
        New-ItemProperty -Path $r.path -Name $r.name -Value $r.value -PropertyType $r.type -Force | Out-Null
    }
    else{
        New-Item -Path $r.path -Force | Out-Null
        New-ItemProperty -Path $r.path -Name $r.name -Value $r.value -PropertyType $r.type -Force | Out-Null
    }
}


Weitere Links

Informationen über Gruppenrichtlinien

One thought on “Datenschutz und Sicherheit in Microsoft Edge über GPO

Comments are closed.