Technical Support > Hints & Tips
Prevent Toolbars in IE from running
Computer Configuration > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Advanced > Allow third-party browser extensions - Disabled
Add WSAdmin security group to Local Administrators group of all PC's
Computer Configuration > Windows Settings > Restricted Groups Right click, Add Group, Browse. Find and select WSAdmin.
Click to Add on the botton panel and type Administrators.
OWA won't open attachments IE9 - Deploy this setting via Group Policy
Default Domain Policy > Computer Configuration > Policies > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Advanced Page - Do not save encrypted pages to disk set to 'Disabled'
Also: Add the site to Security, Trusted Sites - More info
Default Domain Policy > Computer Configuration > Policies > Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page - Site to Zone assignment list Set Value Name: https://www.site.org Value:2
Allow Pop-Ups
Default Domain Policy > Computer Configuration > Policies > Administrative Templates > Windows Components > Internet Explorer - Pop-Up Allow List (Note that only the domain name is allowed e.g. www.contoso.com is allowed. Wildcards are allowed too e.g. *.contoso.com is valid but http://www.contoso.com is not allowed)
Enable Remote Shutdown
Group Policy to open port 445 for remote shutdown
Using the workstation GPO where the user section is normally disabled.
Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile > Windows Firewall: Define inbound port exceptions - Enabled
[Add]
445:TCP:10.x.y.z:enabled:remoteshutdown
Allow ICMP (Ping) (needed if remote shutdown pings to check if machine is on)
Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile > Windows Firewall: Allow ICMP exceptions - Enabled then check "Allow inbound echo requests"
Allow RDP remote desktop.
Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile > Windows Firewall: Allow inbound remote desktop exceptions - Enabled - enter required IP address or range or just a * to accept from any network. Note just a * with no quotes, not "*".