Set-StrictMode -Version 2 # load required modules Import-Module ActiveDirectory Import-Module GroupPolicy #define variables $GPOName = 'Gpo-Parametres-IE' $defaultNC = ( [ADSI]"LDAP://RootDSE" ).defaultNamingContext.Value #$TargetOU = 'OU=Serveurs,' + $defaultNC $TargetOU = $defaultNC #create new GPO shell $GPO = New-GPO -Name $GPOName #Pose d'éléments pour modifier des clés de registre par GPO #Disable IE First Run Wizard and RSS Feeds Set-GPPrefRegistryValue -Name $GPOName -Action Update -Context User -Key 'HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer\Main' -Type DWord -ValueName 'DisableFirstRunCustomize' -Value 1 | out-null #Disable Internet Explorer Enhanced Security Enhanced Set-GPPrefRegistryValue -Name $GPOName -Action Update -Context User -Key 'HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073' -Type DWord -ValueName 'IsInstalled' -Value 0 | out-null Set-GPPrefRegistryValue -Name $GPOName -Action Update -Context User -Key 'HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073' -Type DWord -ValueName 'IsInstalled' -Value 0 | out-null #Force off-screen composition in IE Set-GPPrefRegistryValue -Name $GPOName -Action Update -Context User -Key 'HKCU\Software\Microsoft\Internet Explorer\Main' -Type DWord -ValueName 'Force Offscreen Composition' -Value 1 | out-null #Don t check if IE default browser Set-GPPrefRegistryValue -Name $GPOName -Action Update -Context User -Key 'HKCU\Software\Microsoft\Internet Explorer\Main' -Type String -ValueName 'Check_Associations' -Value 'no' | out-null #IE default browser Set-GPPrefRegistryValue -Name $GPOName -Action Update -Context User -Key 'HKCU\Software\Microsoft\Internet Explorer\Main' -Type String -ValueName 'Default_Page_URL' -Value 'http://www.google.fr' | out-null #Disable warm is mix for secure and not secure elements Set-GPPrefRegistryValue -Name $GPOName -Action Update -Context User -Key 'HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings' -Type DWord -ValueName 'WarnonZoneCrossing' -Value 0 | out-null