Board logo

标题: [注册表类] 请教专家:使用bat脚本对内网IE环境一键配置 [打印本页]

作者: bg4jhj    时间: 2022-2-8 15:05     标题: 请教专家:使用bat脚本对内网IE环境一键配置

各位专家:
因为是内网环境,需要对IE进行配置才可以使用,但通过bing搜罗了一圈也没有搞全,希望大神们给与指导,万分感谢!
IE需求:
1、常规选项卡内:退出是删除浏览历史记录;检查存储的页面的较新版本选择“每次访问网页时”
2、安全选项卡内:受信任站点安全设置--显示混合内容选择“启用”;受信任站点安全设置--通过域访问数据源选择“启用”
3、高级选项卡内:关闭以下项目,对证书不匹配发出告警;检查发行商证书是否吊销;检查服务器证书是否吊销;检查下载程序的签名;启用集成windows验证
作者: bg4jhj    时间: 2022-2-8 15:07

下面是通过搜索东拼西凑来的脚本
@echo off
:: BatchGotAdmin
:----------提取管理权限---------------------------
REM --> Check for permissions
>nul 2>&1 "%SYSTEMROOT%\system32\cacls.exe" "%SYSTEMROOT%\system32\config\system"
REM --> If error flag set, we do not have admin.
if '%errorlevel%' NEQ '0' (
echo Requesting administrative privileges...
goto UACPrompt
) else ( goto gotAdmin )
:UACPrompt
echo Set UAC = CreateObject^("Shell.Application"^) > "%temp%\getadmin.vbs"
echo UAC.ShellExecute "%~s0", "", "", "runas", 1 >> "%temp%\getadmin.vbs"
"%temp%\getadmin.vbs"
exit /B
:gotAdmin
if exist "%temp%\getadmin.vbs" ( del "%temp%\getadmin.vbs" )
pushd "%CD%"
CD /D "%~dp0"
:--------------------------------------
echo 正在启用“ActiveX 控件自动提示” ...
::数值0表示“启用”,3表示“禁用”
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 2201  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 2201  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 2201  /t REG_DWORD /d 0x00000000 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 2201  /t REG_DWORD /d 0x00000000 /f
echo.
echo 正在启用“对标记为可安全执行脚本的 ActiveX 控件执行脚本”...
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 1405  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1405  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 1405  /t REG_DWORD /d 0x00000000 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 1405  /t REG_DWORD /d 0x00000000 /f
echo.
echo 正在启用“对未标记为安全的 ActiveX 控件进行初始化和脚本运行”...
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 1201  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1201  /t REG_DWORD /d 0x00000000 /f
::以下internet区域设置数值为0表示仅提示,如果设置为0则会触发IE打开提示“你的安全设置级别导致计算机存在安全风险”
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 1201  /t REG_DWORD /d 0x00000001 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 1201  /t REG_DWORD /d 0x00000000 /f
echo.
echo 正在禁用“仅允许经过批准的域在未经提示的情况下使用 ActiveX” ...
::此处数值0表示“禁用”,3表示“开启”
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 120B  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 120B  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 120B  /t REG_DWORD /d 0x00000000 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 120B  /t REG_DWORD /d 0x00000000 /f
echo.
echo 正在启用“下载未签名的 ActiveX 控件”...
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 1004  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1004  /t REG_DWORD /d 0x00000000 /f
::以下internet区域设置数值为0表示仅提示,如果设置为0则会触发IE打开提示“你的安全设置级别导致计算机存在安全风险”
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 1004  /t REG_DWORD /d 0x00000001 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 1004  /t REG_DWORD /d 0x00000000 /f
echo.
echo 正在启用“下载已签名的 ActiveX 控件”...
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 1001  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1001  /t REG_DWORD /d 0x00000000 /f
::以下internet区域设置数值为0表示仅提示,如果设置为0则会触发IE打开提示“你的安全设置级别导致计算机存在安全风险”
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 1001  /t REG_DWORD /d 0x00000001 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 1001  /t REG_DWORD /d 0x00000000 /f
echo.
echo 正在禁用“允许 ActiveX 筛选”...
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 2702  /t REG_DWORD /d 0x00000003 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 2702  /t REG_DWORD /d 0x00000003 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 2702  /t REG_DWORD /d 0x00000003 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 2702  /t REG_DWORD /d 0x00000003 /f
echo.
echo 正在启用“允许 Scriptlet”...
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 1209  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1209  /t REG_DWORD /d 0x00000000 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 1209  /t REG_DWORD /d 0x00000000 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 1209  /t REG_DWORD /d 0x00000000 /f
echo.
echo 正在启用“允许运行以前从未使用的 ActiveX 控件而不提示”...
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 1208  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1208  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 1208  /t REG_DWORD /d 0x00000000 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 1208  /t REG_DWORD /d 0x00000000 /f
echo.
echo 正在启用“运行 ActiveX 控件和插件”...
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 1200  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1200  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 1200  /t REG_DWORD /d 0x00000000 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 1200  /t REG_DWORD /d 0x00000000 /f
echo.
echo 正在启用“在没有使用外部媒体播放机的网页上显示视频和动画”...
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 120A  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 120A  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 120A  /t REG_DWORD /d 0x00000000 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 120A  /t REG_DWORD /d 0x00000000 /f
echo.
echo 正在禁用“启用XSS筛选器”...
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 1409  /t REG_DWORD /d 0x00000003 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1409  /t REG_DWORD /d 0x00000003 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 1409  /t REG_DWORD /d 0x00000003 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 1409  /t REG_DWORD /d 0x00000003 /f
echo.
作者: bg4jhj    时间: 2022-2-8 15:07

echo 正在启用“文件下载”...
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 1803  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1803  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 1803  /t REG_DWORD /d 0x00000000 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 1803  /t REG_DWORD /d 0x00000000 /f
echo.
echo 正在配置“用户身份验证”-“自动使用当前用户名和密码”...
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 1A00  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1A00  /t REG_DWORD /d 0x00000000 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 1A00  /t REG_DWORD /d 0x00000000 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 1A00  /t REG_DWORD /d 0x00000000 /f
echo.

echo 正在勾选“禁用脚本调试(Internet Explorer)”和“禁用脚本调试(其他)”...
reg add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v DisableScriptDebuggerIE  /t REG_SZ /d yes /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main" /v "Disable Script Debugger" /t REG_SZ /d yes /f
echo.
echo 正在关闭“阻止窗口弹出”...
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1" /v 1809  /t REG_DWORD /d 0x00000003 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2" /v 1809  /t REG_DWORD /d 0x00000003 /f
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3" /v 1809  /t REG_DWORD /d 0x00000003 /f
::reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\4" /v 1809  /t REG_DWORD /d 0x00000003 /f
echo.
echo  禁用弹出窗口阻止程序
set "KEY=HKCU\Software\Microsoft\Internet Explorer\New Windows"
for /f "tokens=2*" %%a in ('reg query "%KEY%" /v PopupMgr') do set PDV=%%b
if not "%PDV%"=="0x0" (

    call:Kill_iexplore.exe

    reg add "%KEY%" /v PopupMgr /t REG_DWORD /d 0 /f

)

echo.

::4  高级
echo 安全—允许运行或安装软件,即使签名无效   -勾选
REG add " HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download" /v "RunInvalidSignatures" /t reg_dword /d 0x00000001 /f
echo.
echo 安全—允许来自CD的活动内容在“我的电脑”中运行*   -勾选
REG add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN\Settings" /v "LOCALMACHINE_CD_UNLOCK" /t reg_dword /d 0x00000001 /f
echo.
echo 安全—允许活动内容在“我的电脑”的文件中运行*   -勾选
REG add "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN" /v "iexplore.exe" /t reg_dword /d 0x00000000 /f
echo.
echo 若不正常,建议关闭所有IE再次运行本脚本。
pause
作者: bg4jhj    时间: 2022-2-8 15:08

把以上代码合并为一个bat文件,目前运行还算正常,但并不全面,感谢大仙们帮忙补一补。
作者: bg4jhj    时间: 2022-2-10 08:50

大神们还没上班吗




欢迎光临 批处理之家 (http://www.bathome.net/) Powered by Discuz! 7.2