Category: At least Internet Explorer 6.0 in Windows XP with Service Pack 2 or Windows Server 2003 with Service Pack 1

This policy setting allows you to manage the opening of windows and frames and access of applications across different domains. If you enable this policy setting users can open additional windows and frames from other domains and access applications from other domains. If you select Prompt in the drop-down box users are queried whether to allow additional windows and frames to access applications from other domains. If you disable this policy setting users cannot open other windows and frames from other domains or access applications from different domains. If you do not configure this policy setting users cannot open other windows and frames from different domains or access applications from different domains.

This policy setting allows you to manage whether a resource hosted on an admin-restricted protocol in the Trusted Sites Zone can run active content such as script ActiveX Java and Binary Behaviors. The list of restricted protocols may be set in the Trusted Sites Zone Restricted Protocols section under Network Protocol Lockdown policy. If you enable this policy setting no Trusted Sites Zone content accessed is affected even for protocols on the restricted list. If you select Prompt from the drop-down box the Notification bar will appear to allow control over questionable content accessed over any restricted protocols; content over other protocols is unaffected. If you disable this policy setting all attempts to access such content over the restricted protocols is blocked. If you do not configure this policy setting all attempts to access such content over the restricted protocols is blocked when the Network Protocol Lockdown security feature is enabled.

This policy setting allows you to manage whether users are prompted to select a certificate when no certificate or only one certificate exists. If you enable this policy setting Internet Explorer does not prompt users with a “Client Authentication” message when they connect to a Web site that has no certificate or only one certificate. If you disable this policy setting Internet Explorer prompts users with a “Client Authentication” message when they connect to a Web site that has no certificate or only one certificate. If you do not configure this policy setting Internet Explorer prompts users with a Client Authentication message when they connect to a Web site that has no certificate or only one certificate.

This policy setting manages whether users will be automatically prompted for ActiveX control installations. If you enable this policy setting users will receive a prompt when a site instantiates an ActiveX control they do not have installed. If you disable this policy setting ActiveX control installations will be blocked using the Notification bar. Users can click on the Notification bar to allow the ActiveX control prompt. If you do not configure this policy setting ActiveX control installations will be blocked using the Notification bar. Users can click on the Notification bar to allow the ActiveX control prompt.

This policy setting determines whether users will be prompted for non user-initiated file downloads. Regardless of this setting users will receive file download dialogs for user-initiated downloads. If you enable this setting users will receive a file download dialog for automatic download attempts. If you disable or do not configure this setting file downloads that are not user-initiated will be blocked and users will see the Notification bar instead of the file download dialog. Users can then click the Notification bar to allow the file download prompt.