Need Registry Fix for Setting

[Guest]

I need to find a way to push this out to all of our workstations:

Somehow, a security setting was set on all our workstations which made this
a problem that I have to fix. I can't figure out which setting did it.

In IE 6 SP1, some of our web apps need to be able to open different types of
documents withing the browser window, such as .DOC, .XLS, .PDF. Now whenever
the browser is supposed to open such a file, it comes up with the standard
File Download Window: "Would you like to open the file or save it to your
computer?...Always ask before opening this type of file" Even if I unchedk
the "Always ask before opening this type of file", for any of the files, the
message keeps coming up every single time. If I go into Windows Explorer,
Click Tools->Folder Options, File Types Tab, highlight the specified
extension (.DOC), Click Advanced, Then UNCHECK "Confirm open after download",
the problem is solved. However, I need help finding a way to push this out
to multiple computers through AD, either a Group Policy change or a registry
change.

Thanks so much

 

[Guest]

Starting with Word doc files, the registry setting for "confirm open after
download" is in

[HKEY_CLASSES_ROOT\Word.Document.8]
@="Microsoft Word Document"
"EditFlags"=dword:00010000

The EditFlags dword value is normally 00000000 if the "confirm open after
download" box is checked. Armed with that information, you could build a
custom security template, then import that template into a GPO to distribute.
See

http://support.microsoft.com/kb/214752/EN-US/

and

http://www.windowsecurity.com/articles/Customizing-Windows-Security-Templates.html

All of the examples in the above articles modify registry settings with
HKLM, not HKCR, so I don't know what the exact syntax would be for specifying
a key within HKCR in the sceregvl.inf file. A guess is

ROOT\Word.Document.8

Good luck,

-Mark Williams

 

[Guest]

Well, I just tried editing sceregvl.inf, and specifying the path to
HKCR\Word.Document.8 as

ROOT\Word.Document.8
HKEY_CLASSES_ROOT\Word.Document.8
CLASSES\Word.Document.8

created a new security template, defined the value for EditFlags, and none
of them worked. Maybe sceregvl.inf only allows keys within KHLM?


--

Starting with Word doc files, the registry setting for "confirm open after
download" is in

[HKEY_CLASSES_ROOT\Word.Document.8]
@="Microsoft Word Document"
"EditFlags"=dword:00010000

The EditFlags dword value is normally 00000000 if the "confirm open after
download" box is checked. Armed with that information, you could build a
custom security template, then import that template into a GPO to distribute.
See

http://support.microsoft.com/kb/214752/EN-US/

and

http://www.windowsecurity.com/articles/Customizing-Windows-Security-Templates.html

All of the examples in the above articles modify registry settings with
HKLM, not HKCR, so I don't know what the exact syntax would be for specifying
a key within HKCR in the sceregvl.inf file. A guess is

ROOT\Word.Document.8

Good luck,

-Mark Williams
--

I need to find a way to push this out to all of our workstations:

Somehow, a security setting was set on all our workstations which made this
a problem that I have to fix. I can't figure out which setting did it.

In IE 6 SP1, some of our web apps need to be able to open different types of
documents withing the browser window, such as .DOC, .XLS, .PDF. Now whenever
the browser is supposed to open such a file, it comes up with the standard
File Download Window: "Would you like to open the file or save it to your
computer?...Always ask before opening this type of file" Even if I unchedk
the "Always ask before opening this type of file", for any of the files, the
message keeps coming up every single time. If I go into Windows Explorer,
Click Tools->Folder Options, File Types Tab, highlight the specified
extension (.DOC), Click Advanced, Then UNCHECK "Confirm open after download",
the problem is solved. However, I need help finding a way to push this out
to multiple computers through AD, either a Group Policy change or a registry
change.

Thanks so much