Before IE10, the internet explorer settings were able to manage using Internet Explorer Maintenance (IEM) in group policy. If your organization have IE settings published using IEM, it will not applying anymore to IE10 and IE11.
If its windows 2012 or later AD environment it is not a problem you can simply publish these settings using new IE setting publish method in GPO, but if its Windows 2008 and Windows 2008 R2 it need to follow different method. In this post I will explain how to do it in windows 2008 R2 AD environment.
Before IE10 you can publish settings via GPO using User Configuration > Policies > Windows Settings > Internet Explorer Maintenance. But if your server running with IE10 or IE11 you can’t see it any more in GPO.
The new method is to publish IE settings via, User Configurations > Control Panel Settings > Internet Settings. There you can create settings based on IE version. In my demo I am using a DC server with windows 2008 R2 and IE 11 installed. But here I can’t see option to publish IE10 or IE11.
So how we can do it?
In order to publish IE10+ settings need one of following from same domain,
1) Windows 2012 or newer server with Group Policy Management Feature installed
2) Windows 8.0 machine with latest RSAT tools https://www.microsoft.com/en-gb/download/details.aspx?id=28972
3) Windows 8.1 machine with latest RSAT tools https://www.microsoft.com/en-us/download/details.aspx?id=39296
4) Windows 10 machine with latest RSAT tools https://www.microsoft.com/en-us/download/details.aspx?id=45520
Also make sure the system is running with latest updates.
Remote Server Administration Tools (RSAT) enables IT administrators to remotely manage roles and features in Windows Server 2012 R2, Windows Server 2012, Windows Server 2008, and Windows Server 2008 R2 from a computer that is running Windows 8.1, Windows 8 or newer.
In my demo I am using a windows 8.1 machine with RSAT installed.
1) To start log in to the PC with Domain Administrator Privileges.
2) Then go to programs and click on Group Policy Management
3) Once its load up, expand the console and go to the domain, right click and select Create GPO in this domain, and Link it here.
In my demo I am going to create new GPO to publish the IE settings.
4) Type the new policy name and click ok
5) Then right click on newly added policy and click on edit
6) Expand the policy settings and go to User Configuration > Preferences > Control Panel Settings > Internet Settings. The Right click and select new. Here now we can see the IE 10. There is no IE11 settings. IE10 settings valid for IE11 too. Click on “Internet Explorer 10” to publish the settings.
7) Now it will open up the window and its looks similar to typical IE settings interface.
8) Type the changes you like to publish.
9) One thing you need to make sure is once publish the changes press “F6” to apply the changes. If its works fine the red dotted line will change to green dotted line. It doesn’t matter what ever the changes you put, if you not activate it with pressing F6 it will not publish.
10) Click ok to submit the settings and in here you can see it save the IE10 Browser settings.
11) It’s time for testing and let’s see if it’s applied the new settings published for IE11.
12) Yes it is worked fine. One thing you need to keep in mind is if you need to do changes to the GPO, need to use one of the above mentioned option. You can’t edit new values with windows 2008 r2.
If you have any questions feel free to contact me on firstname.lastname@example.org