Article

How To Disable Internet Explorer Enhanced Security Configuration on Windows Server

Published on: Sat, Aug 8, 2015 at 6:40 pm EST
Windows Guides

By default, Internet Explorer on Windows Server is locked down to guard against browser-based attacks on production servers. However, if you are configuring an instance that is not yet in production, or are using an instance for demonstration, development, or testing purposes, the extreme security settings may make Internet Explorer difficult (and sometimes even impossible) to use.

Method 1 (Use Server Manager)

These instructions work on Windows Server 2012.

If you want to disable IEESC on the Local Server, go to your Server Manager, and choose "Local Server" from the sidebar. In the "Properties" section, the 3rd option of the 4th column is "IE Enhanced Security Configuration". By clicking on "On" (which represents the status), you can set it up for Administrators and Users.

If you want Administrators to be able to turn off the IEESC, choose "Off" for Administrators; same goes for Users: if you want users to be able to turn off the IEESC, click on "Off". This will turn the IEESC on or off.

If you want to enable the IEESC after disabling it, follow the same steps but simply change your choice for Administrators and Users.

Method 2 (Modifying the registry)

These instructions work on Windows Server 2008 and later.

Creating the registry file

Connect to your server and open a text editor such as Notepad. Paste in the following:

Windows Registry Editor Version 5.00

;Start admin section.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\]
"IsInstalled"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}]
"IsInstalled"=dword:00000000
;end admin section.
;Start user section.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\]
"IsInstalled"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}]
"IsInstalled"=dword:00000000
;End user section.

Editing the registry file

If you wish to disable the enhanced security configuration for all users, there is no need to modify the registry file. To disable for administrators only, remove ;Start user section., ;End user section., and everything in between. To disable for users only, remove ;Start admin section., ;End admin section., and everything in between. When finished, save the file with a .reg extension.

Importing the registry file

Find and open the registry file you have created. Answer "yes" when Windows prompts you to import the registry values.

Applying your changes

Reboot your server, or kill explorer.exe using Command Prompt, Task Manager, or another process management utility.

Want to contribute ?

You could earn up to $300 by adding new articles