Desktop Management Scripts - Internet Explorer
Add Sites to an Internet Explorer Security ZoneAdd a Web Site to the Favorites Menu
Delete an Allowed Protocol from an Internet Explorer Security Zone Site
Delete a Site from an Internet Explorer Security Zone
List Audited Internet Explorer Events from the Security Log
List Internet Explorer COM Object Settings
List Internet Explorer Cache Settings
List Internet Explorer Connection Summary Information
List Internet Explorer File Version Information
List Internet Explorer LAN Settings
List Internet Explorer Summary Settings
List Internet Explorer Security Setting Values
List Internet Explorer Security Zone Settings
List Internet Explorer Connection Settings
List Sites in Internet Explorer Security Zones
Modify Advanced Internet Explorer Settings
Modify Internet Explorer Advanced Settings
Monitor Internet Explorer Security Changes
Modify Internet Explorer Security Settings
Verify Internet Explorer Enhanced Security Configuration Status
Verify Whether Internet Explorer Enhanced Security is Enabled for the Logged-on User
You can use any of the VBScript programs below in ActiveXperts Network Monitor. Click here for an explanation about how to include scripts in ActiveXperts Network Monitor.
Add Sites to an Internet Explorer Security Zone
Adds the Web site Contoso.com to the Trusted sites zone and BenefitsWeb to the Local intranet zone on a computer running Internet Explorer Enhanced Security Configuration.
On Error Resume Next
Const HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}\\" & strComputer & _
"\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\" _
& "ZoneMap\ESCDomains\Contoso.com"
objReg.CreateKey HKEY_CURRENT_USER,strKeyPath
strValueName = "http"
dwValue = 2
objReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName,dwValue
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\" _
& "ZoneMap\ESCDomains\BenefitsWeb"
objReg.CreateKey HKEY_CURRENT_USER,strKeyPath
strValueName = "*"
dwValue = 1
objReg.SetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName,dwValue
Add a Web Site to the Favorites Menu
Adds a shortcut to msdn.microsoft.com to the Internet Favorites folder.
Const ADMINISTRATIVE_TOOLS = 6
Set objShell = CreateObject("Shell.Application")
Set objFolder = objShell.Namespace(ADMINISTRATIVE_TOOLS)
Set objFolderItem = objFolder.Self
Set objShell = WScript.CreateObject("WScript.Shell")
strDesktopFld = objFolderItem.Path
Set objURLShortcut = objShell.CreateShortcut(strDesktopFld & "\MSDN.url")
objURLShortcut.TargetPath = "http://msdn.microsoft.com"
objURLShortcut.Save
Delete an Allowed Protocol from an Internet Explorer Security Zone Site
Deletes the http protocol from the Finance site in an Internet Explorer security zone.
On Error Resume Next
Const HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}\\" & strComputer & _
"\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\" _
& "ZoneMap\ESCDomains\Finance"
strDWORDValueName = "http"
objReg.DeleteValue HKEY_CURRENT_USER,strKeyPath,strDWORDValueName
Delete a Site from an Internet Explorer Security Zone
Deletes the site Contoso.com from an Internet Explorer security zone.
On Error Resume Next
Const HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}\\" & strComputer & _
"\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\" _
& "ZoneMap\ESCDomains\Contoso.com"
objReg.DeleteKey HKEY_CURRENT_USER, strKeyPath
List Audited Internet Explorer Events from the Security Log
Retrieves audited Internet Explorer events from the Security event log.
On Error Resume Next
strComputer = "."
Set dtmDate = CreateObject("WbemScripting.SWbemDateTime")
Set objWMIService = GetObject("winmgmts:" _
& "{(Security)}!\\" & strComputer & "\root\cimv2")
Set colLoggedEvents = objWMIService.ExecQuery _
("SELECT * FROM Win32_NTLogEvent WHERE Logfile = 'Security' AND " _
& "EventCode = '560'")
For Each objEvent in colLoggedEvents
errResult = _
InStr(objEvent.Message,"\REGISTRY\MACHINE\SOFTWARE\Microsoft\")
If errResult <> 0 Then
Select Case objEvent.EventType
Case 4 strEventType = "Success"
Case 5 strEventType = "Failure"
End Select
Wscript.Echo objEvent.User
dtmDate.Value = objEvent.TimeWritten
dtmTimeWritten = dtmDate.GetVarDate
Wscript.Echo "Time written: " & dtmTimeWritten
Wscript.Echo strEventType
Wscript.Echo "Record number: " & objEvent.RecordNumber & VbCrLf
Wscript.Echo objEvent.Message
Wscript.Echo
End If
Next
List Internet Explorer COM Object Settings
Returns basic COM class information for Internet Explorer.
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & _
"\root\cimv2\Applications\MicrosoftIE")
Set colIESettings = objWMIService.ExecQuery _
("Select * from MicrosoftIE_Object")
For Each strIESetting in colIESettings
Wscript.Echo "Code base: " & strIESetting.CodeBase
Wscript.Echo "Program file: " & strIESetting.ProgramFile
Wscript.Echo "Status: " & strIESetting.Status
Next
List Internet Explorer Cache Settings
Returns configuration settings for the Internet Explorer cache.
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & _
"\root\cimv2\Applications\MicrosoftIE")
Set colIESettings = objWMIService.ExecQuery _
("Select * from MicrosoftIE_Cache")
For Each strIESetting in colIESettings
Wscript.Echo "Page refresh type: " & strIESetting.PageRefreshType
Wscript.Echo "Temporary Internet files folder: " & _
strIESetting.TempInternetFilesFolder
Next
List Internet Explorer Connection Summary Information
Returns basic connection information (including whether HTTP 1.1 has been enabled) for Internet Explorer.
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & _
"\root\cimv2\Applications\MicrosoftIE")
Set colIESettings = objWMIService.ExecQuery _
("Select * from MicrosoftIE_ConnectionSummary")
For Each strIESetting in colIESettings
Wscript.Echo "Connection preference: " & _
strIESetting.ConnectionPreference
Wscript.Echo "HTTP 1.1. enabled: " & strIESetting.EnableHTTP11
Wscript.Echo "Proxy HTTP 1.1. enabled: " & strIESetting.ProxyHTTP11
Next
List Internet Explorer File Version Information
Returns basic file version information for Internet Explorer.
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & _
"\root\cimv2\Applications\MicrosoftIE")
Set colIESettings = objWMIService.ExecQuery _
("Select * from MicrosoftIE_FileVersion")
For Each strIESetting in colIESettings
Wscript.Echo "Company: " & strIESetting.Company
Wscript.Echo "Date: " & strIESetting.Date
Wscript.Echo "File name: " & strIESetting.File
Wscript.Echo "Path: " & strIESetting.Path
Wscript.Echo "File size: " & strIESetting.Size
Wscript.Echo "Version: " & strIESetting.Version
Next
List Internet Explorer LAN Settings
Returns network information (including proxy server information) for Internet Explorer.
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & _
"\root\cimv2\Applications\MicrosoftIE")
Set colIESettings = objWMIService.ExecQuery _
("Select * from MicrosoftIE_LANSettings")
For Each strIESetting in colIESettings
Wscript.Echo "Autoconfiguration proxy: " & strIESetting.AutoConfigProxy
Wscript.Echo "Autoconfiguration URL: " & strIESetting.AutoConfigURL
Wscript.Echo "Autoconfiguration Proxy detection mode: " & _
strIESetting.AutoProxyDetectMode
Wscript.Echo "Proxy: " & strIESetting.Proxy
Wscript.Echo "Proxy override: " & strIESetting.ProxyOverride
Wscript.Echo "Proxy server: " & strIESetting.ProxyServer
Next
List Internet Explorer Summary Settings
Returns basic information (including version number and build number) for Internet Explorer.
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & _
"\root\cimv2\Applications\MicrosoftIE")
Set colIESettings = objWMIService.ExecQuery _
("Select * from MicrosoftIE_Summary")
For Each strIESetting in colIESettings
Wscript.Echo "Active printer: " & strIESetting.ActivePrinter
Wscript.Echo "Build: " & strIESetting.Build
Wscript.Echo "Cipher strength: " & strIESetting.CipherStrength
Wscript.Echo "Content advisor: " & strIESetting.ContentAdvisor
Wscript.Echo "IE Administration Kit installed: " & _
strIESetting.IEAKInstall
Wscript.Echo "Language: " & strIESetting.Language
Wscript.Echo "Name: " & strIESetting.Name
Wscript.Echo "Path: " & strIESetting.Path
Wscript.Echo "Product ID: " & strIESetting.ProductID
Wscript.Echo "Version: " & strIESetting.Version
Next
List Internet Explorer Security Setting Values
Demonstration script that indicates whether scripting is enabled in the Internet Explorer Local Intranet zone.
On Error Resume Next
Const HKEY_CURRENT_USER = &H80000001
strComputer = "."
strEntry = "1400"
Set objReg = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}\\" & strComputer & _
"\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\" _
& "Zones\1"
objReg.GetDWORDValue HKEY_CURRENT_USER, strKeyPath, strEntry, dwValue
Select Case dwValue
Case 0 strSetting = "Enabled"
Case 1 strSetting = "Prompt"
case 3 strSetting = "Disabled"
End Select
Wscript.Echo "Allow scripting: " & strSetting
List Internet Explorer Security Zone Settings
Retrieves the current setting level for each Internet Explorer security zone.
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & _
"\root\cimv2\Applications\MicrosoftIE")
Set colIESettings = objWMIService.ExecQuery _
("Select * from MicrosoftIE_Security")
For Each strIESetting in colIESettings
Wscript.Echo "Zone name: " & strIESetting.Zone
Wscript.Echo "Security level: " & strIESetting.Level
Next
List Internet Explorer Connection Settings
Returns information about Internet Explorer connection settings.
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}!\\" & strComputer & _
"\root\cimv2\Applications\MicrosoftIE")
Set colIESettings = objWMIService.ExecQuery _
("Select * from MicrosoftIE_ConnectionSettings")
For Each strIESetting in colIESettings
Wscript.Echo "Allow Internet programs: " & _
strIESetting.AllowInternetPrograms
Wscript.Echo "Autoconfiguration URL: " & strIESetting.AutoConfigURL
Wscript.Echo "Auto disconnect: " & strIESetting.AutoDisconnect
Wscript.Echo "Autoconfiguration proxy detection mode: " & _
strIESetting.AutoProxyDetectMode
Wscript.Echo "Data encryption: " & strIESetting.DataEncryption
Wscript.Echo "Default: " & strIESetting.Default
Wscript.Echo "Default gateway: " & strIESetting.DefaultGateway
Wscript.Echo "Dialup server: " & strIESetting.DialUpServer
Wscript.Echo "Disconnect idle time: " & strIESetting.DisconnectIdleTime
Wscript.Echo "Encrypted password: " & strIESetting.EncryptedPassword
Wscript.Echo "IP address: " & strIESetting.IPAddress
Wscript.Echo "IP header compression: " & _
strIESetting.IPHeaderCompression
Wscript.Echo "Modem: " & strIESetting.Modem
Wscript.Echo "Name: " & strIESetting.Name
Wscript.Echo "Network logon: " & strIESetting.NetworkLogon
Wscript.Echo "Network protocols: " & strIESetting.NetworkProtocols
Wscript.Echo "Primary DNS server: " & strIESetting.PrimaryDNS
Wscript.Echo "Primary WINS server: " & strIESetting.PrimaryWINS
Wscript.Echo "Proxy: " & strIESetting.Proxy
Wscript.Echo "Proxy override: " & strIESetting.ProxyOverride
Wscript.Echo "Proxy server: " & strIESetting.ProxyServer
Wscript.Echo "Redial attempts: " & strIESetting.RedialAttempts
Wscript.Echo "Redial wait: " & strIESetting.RedialWait
Wscript.Echo "Script fileame: " & strIESetting.ScriptFileName
Wscript.Echo "Secondary DNS server: " & strIESetting.SecondaryDNS
Wscript.Echo "Secondary WINS server: " & strIESetting.SecondaryWINS
Wscript.Echo "Server assigned IP address: " & _
strIESetting.ServerAssignedIPAddress
Wscript.Echo "Server assigned name server: " & _
strIESetting.ServerAssignedNameServer
Wscript.Echo "Software compression: " & strIESetting.SoftwareCompression
Next
List Sites in Internet Explorer Security Zones
Lists all the sites in the Internet Explorer security zones on a computer running IE Enhanced Security Configuration.
On Error Resume Next
Const HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}\\" & strComputer & _
"\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\" _
& "ZoneMap\ESCDomains"
objReg.EnumKey HKEY_CURRENT_USER, strKeyPath, arrSubKeys
For Each subkey In arrSubKeys
strNewPath = strKeyPath & "\" & subkey
ShowSubkeys
Next
Sub ShowSubkeys
arrPath = Split(strNewPath, "\")
intSiteName = Ubound(arrPath)
strSiteName = arrPath(intSiteName)
objReg.EnumValues HKEY_CURRENT_USER, strNewPath, arrEntries, arrValueTypes
If Not IsArray(arrEntries) Then
arrPath = Split(strNewPath, "\")
intSiteName = Ubound(arrPath)
strSiteName = arrPath(intSiteName)
Wscript.Echo strsitename
objReg.EnumKey HKEY_CURRENT_USER, strNewPath, arrSubKeys2
For Each subkey In arrSubKeys2
strNewPath2 = strNewPath & "\" & subkey
arrPath = Split(strNewPath2, "\")
intSiteName = Ubound(arrPath)
strSiteName = arrPath(intSiteName)
objReg.EnumValues HKEY_CURRENT_USER, strNewPath2, arrEntries2,_
arrValueTypes
For i = 0 to Ubound(arrEntries2)
objReg.GetDWORDValue HKEY_CURRENT_USER, strNewPath2, _
arrEntries2(i),dwValue
Next
Select Case dwValue
Case 0 strZone = "My Computer"
Case 1 strZone = "Local Intranet zone"
Case 2 strZone = "Trusted Sites Zone"
Case 3 strZone = "Internet Zone"
Case 4 strZone = "Restricted Sites Zone"
End Select
Wscript.Echo vbtab & strSiteName & " -- " & strZone
Next
End If
For i = 0 to Ubound(arrEntries)
objReg.GetDWORDValue HKEY_CURRENT_USER, strNewPath, _
arrEntries(i),dwValue
Next
Select Case dwValue
Case 0 strZone = "My Computer"
Case 1 strZone = "Local Intranet zone"
Case 2 strZone = "Trusted Sites Zone"
Case 3 strZone = "Internet Zone"
Case 4 strZone = "Restricted Sites Zone"
End Select
Wscript.Echo strSiteName & " -- " & strZone
End Sub
Modify Advanced Internet Explorer Settings
Demonstration script that disables the Download Complete message box that typically appears after downloading a file using Internet Explorer.
On Error Resume Next
Const HKEY_CURRENT_USER = &H80000001
strComputer = "."
strValue = "no"
Set objReg = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}\\" & strComputer & _
"\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Internet Explorer\Main"
objReg.SetStringValue HKEY_CURRENT_USER, strKeyPath, _
"NotifyDownloadComplete",strValue
Modify Internet Explorer Advanced Settings
Demonstration script that indicates whether the Internet Explorer Enhanced Security Configuration dialog box is displayed each time IE starts.
On Error Resume Next
Const HKEY_CURRENT_USER = &H80000001
strComputer = "."
strEntry = "DisplayTrustAlertDlg"
Set objReg = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}\\" & strComputer & _
"\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Internet Explorer\Main"
objReg.GetDWORDValue HKEY_CURRENT_USER, strKeyPath, strEntry ,dwValue
If dwValue = 1 Then
Wscript.Echo "Enhanced security dialog box is displayed."
Else
Wscript.Echo "Enhanced security dialog box is not displayed."
End If
Monitor Internet Explorer Security Changes
Issues an alert any time an audited Internet Explorer setting is changed and recorded in the Security event log.
On Error Resume Next
strComputer = "."
Set objWMIService = GetObject("winmgmts:" _
& "{"{impersonationLevel=impersonate,(Security)}!\\" & strComputer & _
"\root\cimv2")
Set colMonitoredEvents = objWMIService.ExecNotificationQuery _
("SELECT * FROM __InstanceCreationEvent WHERE TargetInstance ISA " _
& "'Win32_NTLogEvent' AND TargetInstance.EventCode = '560' AND " _
& "TargetInstance.Logfile = 'Security' GROUP WITHIN 2")
Do
Set objLatestEvent = colMonitoredEvents.NextEvent
strAlertToSend = "Internet Explorer security settings have been " & _
"changed."
Wscript.Echo strAlertToSend
Loop
Modify Internet Explorer Security Settings
Demonstration script that enables scripting for sites in the Internet Explorer Local Intranet zone.
On Error Resume Next
Const HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}\\" & strComputer & _
"\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\" _
& "Zones\1"
strEntryName = "1400"
dwvalue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, strEntryName,dwValue
Verify Internet Explorer Enhanced Security Configuration Status
Reports the status of Internet Explorer Enhanced Security Configuration on a computer.
On Error Resume Next
Const HKEY_LOCAL_MACHINE = &H80000002
strComputer = "."
Set objReg = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}\\" & strComputer & _
"\root\default:StdRegProv")
strKeyPath = "SOFTWARE\Microsoft\Active Setup\Installed Components\" _
& "{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}"
strValueName = "IsInstalled"
objReg.GetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,intAdmin
strKeyPath = "SOFTWARE\Microsoft\Active Setup\Installed Components\" _
& "{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}"
strValueName = "IsInstalled"
objReg.GetDWORDValue HKEY_LOCAL_MACHINE,strKeyPath,strValueName,intUsers
strConfiguration = intAdmin & intUsers
Select Case strConfiguration
Case "00"
Wscript.Echo "The use of Internet Explorer is not restricted on " _
& "this server."
Case "01"
Wscript.Echo "The use of Internet Explorer is restricted for the " _
& "administrators group on this server. The use of Internet " _
& "Explorer is not restricted for any other user group."
Case "10"
Wscript.Echo "The use of Internet Explorer is not restricted for the" _
& " administrators group on this server. The use of Internet " _
& "Explorer is restricted for any other user group."
Case "11"
Wscript.Echo "The use of Internet Explorer is restricted for all " _
& "user groups on this server."
End Select
Verify Whether Internet Explorer Enhanced Security is Enabled for the Logged-on User
Indicates whether Internet Explorer Enhanced Security (IE hardening) is enabled for the current user of a computer.
On Error Resume Next
Const HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:" _
& "{impersonationLevel=impersonate}\\" & strComputer & _
"\root\default:StdRegProv")
strKeyPath = "SOFTWARE\Microsoft\Windows\CurrentVersion\Internet " _
& "Settings\ZoneMap"
strValueName = "IEHarden"
objReg.GetDWORDValue HKEY_CURRENT_USER,strKeyPath,strValueName,intHarden
If intHarden = 1 Then
Wscript.Echo "IE hardening is turned on for the current user."
Else
Wscript.Echo "IE hardening is not turned on for the current user."
End If