Appendix C: Group Policy Settings Listed Under the Internet Communication Management Key

  • Article

Applies To: Windows Server 2003 with SP1

The Internet Communication Management Key in Group Policy

Windows Server 2003 Service Pack 1 (SP1) contains Group Policy settings that were not available in the original release of Windows Server 2003. Some of these settings can be found in Group Policy under a new key called Internet Communication Management. This new key is located within GPMC in Computer Configuration\Administrative Templates\System and in User Configuration\Administrative Templates\System. This appendix describes the settings under the Internet Communication Management key, and the way in which one setting, Restrict Internet communication, controls multiple other settings.

The settings under the Internet Communication Management key are designed to help you control the way components in Windows Server 2003 with SP1 communicate with the Internet. Other settings can also help with controlling the way components communicate with the Internet.

Individual settings under Internet Communication Management for specific components are described in the appropriate sections of this white paper and in the Explain text in the settings, as well as being described in this appendix. For example, the setting called Turn off Event Viewer "Events.asp" links, located under Internet Communication Management, is described in the section about Event Viewer, in the Explain text in the setting itself, and in this appendix. Many other Group Policy settings (beyond the ones described in this appendix) are also described in appropriate sections of this white paper.

Controlling Multiple Settings Through the Restrict Internet Communication Setting

There are multiple ways to configure the new Group Policy settings under Internet Communication Management in Windows Server 2003 with SP1. You can configure settings individually, which means you could configure, for example, Turn off Event Viewer "Events.asp" links differently from Turn off Windows Error Reporting. Alternatively, you can enable or disable the entire collection of settings at one time by configuring a setting that controls them all. This setting is called Restrict Internet communication.

If you want to enable or disable Restrict Internet communication and then create exceptions to this master setting by configuring individual settings in the Internet Communication Management key, you must use two GPOs. To do this, ensure that you understand how processing and precedence works for multiple GPOs (for example, see the Help for GPMC). Choose or create a GPO that has lower precedence than another GPO. In the GPO with lower precedence, enable or disable Restrict Internet communication. Then, in the GPO that has precedence over it, apply the individual settings that are exceptions to the master setting. If you do not use two GPOs when setting both Restrict Internet communication and individual settings that are exceptions to the master setting, the settings might not work as expected.

To check the effect of multiple Group Policy settings, you can use Group Policy Results in GPMC. For more information, see the Help in GPMC.

Settings That Affect Computer Configuration

This subsection of the appendix describes settings under Internet Communication Management in the Administrative template for computer configuration (which contrasts with the template for user configuration, described later in this appendix). For all these settings, the following is true:

  • The settings apply to all users of a computer running Windows Server 2003 with SP1 and come into effect when the computer starts or when Group Policy is refreshed.

  • Within GPMC, these settings are located in Computer Configuration\Administrative Templates\System\Internet Communication Management\Internet Communication settings.

  • All of the settings can be enabled or disabled in one step by enabling or disabling the master setting that controls them, Restrict Internet communication. This setting is located in Computer Configuration\Administrative Templates\System\Internet Communication Management. When you change this setting, the change affects all of the settings in the following list, even if you previously configured individual settings in different ways.

Note

This appendix does not describe all Group Policy settings that are available in Windows Server 2003 with SP1. It describes only the settings available under Internet Communication Management. For sources of information about new settings available in Windows Server 2003 with SP1, see Appendix B: Resources for Learning About Group Policy.

Individual Settings That Affect Computer Configuration

The following list describes the computer configuration settings under Internet Communication Management that are outlined in the previous subsection.

Note

More details about each setting are available in the Explain text for the setting. To view the text, select the setting in Group Policy and click the Extended tab, or open the setting and click the Explain tab.

  • Turn off the "Publish to Web" task for files and folders: Specifies whether the tasks for publishing items to the Web are available from File and Folder Tasks in Windows folders. These tasks are Publish this file to the Web, Publish this folder to the Web, and Publish the selected items to the Web.

    This setting is also described in Appendix J: Online Ordering Wizards, Add Network Place Wizard, and New Connection Wizard in this white paper.

  • Turn off Internet download for Web publishing and online ordering wizards: Specifies whether Windows should download a list of providers for the Web Publishing Wizard, the Add Network Place Wizard, and the Online Print Wizard. By default, Windows displays providers downloaded from a Windows Web site in addition to providers specified in the registry. If you enable this setting, Windows will not download providers and only the service providers that are stored in the local registry will be displayed. When Windows Server 2003 with SP1 has been installed but the Web publishing and online ordering wizards have not yet been used, no service providers are stored in the local registry. If this Group Policy setting is applied at that time, the wizards will not display links to service providers.

    For more information about the registry keys in which providers can be specified, see "Registering a Service" at the MSDN Web site at:

    https://go.microsoft.com/fwlink/?LinkId=29134

    This setting is also described in Appendix J: Online Ordering Wizards, Add Network Place Wizard, and New Connection Wizard in this white paper.

  • Turn off the "Order Prints" picture task: Specifies whether the "Order Prints Online" task is available from Picture Tasks in Windows folders.

    This setting is also described in Appendix J: Online Ordering Wizards, Add Network Place Wizard, and New Connection Wizard in this white paper.

  • Turn off the Windows Messenger Customer Experience Improvement Program: Affects Windows XP with SP2, not Windows Server 2003. This setting specifies whether Windows Messenger collects anonymous information about how Windows Messenger software and service is used. With the Customer Experience Improvement program, users can allow Microsoft to collect anonymous information about how the product is used. This information is used to improve the product in future releases.

  • Turn off Help and Support Center "Did you know?" content: Specifies whether to show the Headines area of Help and Support Center. By default, the Headlines area in Windows XP is labeled Did you know? and in Windows Server 2003 is labeled Top Issues. By default, this content is dynamically updated when users are connected to the Internet and open Help and Support Center.

    This setting is also described in the section of this white paper titled Help and Support Center: Features That Communicate with the Internet.

  • Turn off Help and Support Center Microsoft Knowledge Base search: Specifies whether users can perform a Microsoft Knowledge Base search from Help and Support Center. The Knowledge Base is an online source of technical support information and self-help tools for Microsoft products. By default, if a user performs a search through Help and Support Center, the Knowledge Base is included in the search. It can be excluded if a user opens the Search Options page in Help and Support Center and clears the Microsoft Knowledge Base check box.

    This setting is also described in the section of this white paper titled Help and Support Center: Features That Communicate with the Internet.

  • Turn off Windows Error Reporting: Specifies whether error reports from a system or application that has stopped responding are sent to Microsoft. Error reports are used to improve the quality of the product. This setting overrides any user setting made from the Control Panel for error reporting.

    This setting and other ways of controlling error reporting through Group Policy are described in Windows Error Reporting and Internet Communication in this white paper.

  • Turn off Internet File Association service: Specifies whether to use the Web-based File Association service, or whether to use only locally stored information about file name extensions, file types, and the applications or components to use when opening a particular file type. The file association Web service is used only when a user tries to open a file and there is no locally stored information about the file name extension.

    This setting is also described in File Association Web Service and Internet Communication in this white paper.

  • Turn off Internet Connection Wizard if URL connection is referring to Microsoft.com: Affects Windows XP with SP2, not Windows Server 2003. This setting specifies whether the Internet Connection Wizard can connect to Microsoft to download a list of Internet Service Providers (ISPs). If you enable this setting, and a user running the New Connection Wizard clicks Choose from a list of Internet Service Providers (ISPs), finishes the wizard, and clicks Refer me to more Internet Service Providers, a message appears, saying that the user cannot complete the Internet Connection Wizard. This prevents users from retrieving the list of ISPs, which resides on Microsoft servers.

  • Turn off Event Viewer "Events.asp" links: Specifies whether Internet links shown within events in Event Viewer are activated. When such a link is activated and the user clicks it, information that identifies the event is sent to a Microsoft Web site so that explanatory text, if available, can be sent back to the user.

    This setting and the information sent and received when an Event Viewer link is clicked are described in Event Viewer and Internet Communication in this white paper.

  • Turn off Automatic Root Certificates Update: Specifies whether to automatically update root certificates using the list of trusted certification authorities that Microsoft maintains on the Windows Update Web site. If you enable this setting, when a user is presented with a certificate issued by an untrusted root authority, the user’s computer will not contact the Windows Update web site.

    This setting and the way that root certificate updates work are described in Certificate Support and Internet Communication in this white paper.

  • Turn off Registration if URL connection is referring to Microsoft.com: Specifies whether the Windows Registration Wizard connects to Microsoft.com for online registration.

    This setting and the differences between registration and activation are described in the section of this white paper titled Activation, Registration, and Resulting Internet Communication in Windows Server 2003 with Service Pack 1.

  • Turn off Search Companion content file updates: Specifies whether Search Companion should automatically download content updates during local and Internet searches.

    This setting and the way that Search Companion works for local and Internet searches are described in Search Companion and Internet Communication in this white paper.

  • Turn off printing over HTTP: Specifies whether to allow printing over HTTP from this computer. Note that this setting does not control whether the computer can act as an Internet print server.

    Internet printing is described briefly in the subsection titled "Internet Printing" in Internet Information Services and Internet Communication in this white paper.

  • Turn off downloading of print drivers over HTTP: Specifies whether to allow this computer to download print drivers over HTTP when needed.

    Internet printing is described briefly in the subsection titled "Internet Printing" in Internet Information Services and Internet Communication in this white paper.

  • Turn off Windows Update device driver searching: Specifies whether Windows searches Windows Update for device drivers when no local drivers for a device are present.

    This setting is described in Plug and Play and Internet Communication in this white paper. Related details about the searching of Windows Update for device drivers are described in Device Manager, Hardware Wizards, and Internet Communication in this white paper.

  • Turn off access to all Windows Update features: Specifies whether Windows Update can be used to update the operating system on this computer.

    This setting is described in Windows Update, Automatic Updates, and Internet Communication in this white paper.

  • Turn off Windows Movie Maker automatic codec downloads: Affects Windows XP with SP2, not Windows Server 2003. This setting specifies whether Windows Movie Maker automatically downloads missing codecs for audio and video files. A codec—compressor/decompressor—is software that compresses or decompresses audio or video data.

  • Turn off Windows Movie Maker online Web links: Affects Windows XP with SP2, not Windows Server 2003. This setting specifies whether links to Web sites are available in Windows Movie Maker.

  • Turn off Windows Movie Maker saving to online video hosting provider: Affects Windows XP with SP2, not Windows Server 2003. This setting specifies whether users can send a final movie to a video hosting provider on the Web.

Settings That Affect User Configuration

This subsection of the appendix describes settings under Internet Communication Management in the Administrative template for user configuration (which contrasts with the template for computer configuration). For all these settings, the following is true:

  • The settings apply to the individual user and come into effect when the user logs on or when Group Policy is refreshed.

  • Within GPMC, these settings are located in User Configuration\Administrative Templates\System\Internet Communication Management\Internet Communication settings.

  • All of the settings can be enabled or disabled in one step by enabling or disabling the master setting that controls them, Restrict Internet communication. This setting is located in User Configuration\Administrative Templates\System\Internet Communication Management. When you change this setting, the change affects all of the settings in the following list, even if you previously configured individual settings in different ways.

    Note

    This appendix does not describe all Group Policy settings available in Windows Server 2003 with SP1. It describes only the settings available under Internet Communication Management. For sources of information about new settings available in Windows Server 2003 with SP1, see Appendix B: Resources for Learning About Group Policy.

Individual Settings That Affect User Configuration

The user configuration settings under Internet Communication Management are as follows. For a description of a particular setting, find the setting under "Individual Settings That Affect Computer Configuration," earlier in this section. Alternatively, you can select the setting in Group Policy and click the Extended tab, or open the setting and click the Explain tab.

  • Turn off the "Publish to Web" task for files and folders

  • Turn off Internet download for Web publishing and online ordering wizards

  • Turn off the "Order Prints" picture task

  • Turn off the Windows Messenger Customer Experience Improvement Program

  • Turn off Internet File Association service

  • Turn off printing over HTTP

  • Turn off downloading of print drivers over HTTP

  • Turn off Windows Movie Maker automatic codec downloads

  • Turn off Windows Movie Maker online Web links

  • Turn off Windows Movie Maker saving to online video hosting provider