' Add FINNAS trusted sites'  Matt Rowston   Version 2.2   30-06-11
' This script does the following....
'
' Adds entries into the registry using the \ slash method
' Adds Security Settings for IE
'
'     Microsoft Reference Document - 
'     Internet Explorer security zones registry entries for advanced users 
'     http://support.microsoft.com/?kbid=182569
'     Matt Rowston  (NAS Insurance)
'     it@nasinsurance.com.au
'
'The Zones key contains keys that represent each security zone that is defined for the computer. By default, the following five zones are defined (numbered zero through four):    Value    Setting
'   ------------------------------
'   0        My Computer
'   1        Local Intranet Zone
'   2        Trusted sites Zone
'   3        Internet Zone
'   4        Restricted Sites Zone
'
' Each of these keys contains the following DWORD values that represent corresponding settings on the custom Security tab. 
'
' Note Unless stated otherwise, each DWORD value is equal to zero, one, or three. Typically, a setting of zero sets a specific 
' action as permitted, a setting of one causes a prompt to appear, and a setting of three prohibits the specific action. 
'
' As discovered on the 30th of June 2011 the above statement from the KB article varies based on the double negatives
' For future settings ensure you check the actual registry setting that is deployed by IE
'
'----------------------------------------Start Internet Explorer Progress Window-----------------------
Set objShell = WScript.CreateObject("WScript.Shell")
Set objExplorer = CreateObject("InternetExplorer.Application")
objExplorer.Navigate "about:blank"  
objExplorer.ToolBar = 0
objExplorer.StatusBar = 0
objExplorer.Width = 800
objExplorer.Height = 600
objExplorer.Left = 20
objExplorer.Top = 20
Do While (objExplorer.Busy)
    Wscript.Sleep 20
Loop   

objExplorer.Visible = 1
Set objDocument = objExplorer.Document    
objDocument.Open                
objDocument.Writeln "<html><head><title>NAS - Internet Explorer FINNAS Settings Script</title></head>"
'objDocument.Writeln "<body background='NAS.gif' bgcolor='white' style='font-family: Verdana'>"
objDocument.Writeln "<body STYLE=filter:progid:DXImageTransform.Microsoft.Gradient(GradientType=3) style='font-family: Verdana' style='color: White'>"

objDocument.Writeln "<span id=span1></span>"
objDocument.Writeln "<span id=span2></span>"
objDocument.Writeln "<span id=span3></span>"
objDocument.Writeln "<span id=span4></span>"
objDocument.Writeln "<span id=span5></span>"
objDocument.Writeln "<span id=span6></span>"
objDocument.Writeln "<span id=span7></span>"
objDocument.Writeln "<span id=span8></span>"
objDocument.Writeln "<span id=span9></span>"
objDocument.Writeln "<span id=span10></span>"
objDocument.Writeln "<span id=span11></span>"
objDocument.Writeln "<span id=span12></span>"
objDocument.Writeln "<span id=span13></span>"
objDocument.Writeln "<span id=span14></span>"
objDocument.Writeln "<span id=span15></span>"
objDocument.Writeln "<span id=span16></span>"
objDocument.Writeln "<span id=span17></span>"
objDocument.Writeln "<span id=span18></span>"
objDocument.Writeln "<span id=span19></span>"
objDocument.Writeln "<span id=span20></span>"
objDocument.Writeln "<span id=span21></span>"
objDocument.Writeln "<span id=span22></span>"
objDocument.Writeln "<span id=span23></span>"
objDocument.Writeln "<span id=span24></span>"
objDocument.Writeln "<span id=span25></span>"
objDocument.Writeln "<span id=span26></span>"
objDocument.Writeln "<span id=span27></span>"
objDocument.Writeln "<span id=span28></span>"
objDocument.Writeln "<span id=span29></span>"
objDocument.Writeln "<span id=span30></span>"


objDocument.Writeln "</body></html>"
objExplorer.Document.body.childnodes(0).InnerHTML = "<strong><font ='Verdana' size='4'>" & _
  "NAS - Internet Explorer FINNAS Settings Script.</font></br></br>"
wscript.sleep 1000
'
'
'     **** Computers Trusted Sites settings to suit FINNAS ****
'
'
' msgbox "MATT PAUSE",64,"NAS FINNAS Settings"
'
' Using the \ slash method
' Using the \ slash method
' Using the \ slash method
' HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
'
'----------------------------------------Say Adding Trusted Sites Using the \ slash method--------------------------------------
objExplorer.Document.body.childnodes(4).InnerHTML="<strong>Adding *.nasinsurance.com.au to Trusted Sites...</strong></br><br>"
'
'----------------------------------------Say Add nasinsurance.com.au to Trusted Sites list-------------------------------------
objExplorer.Document.body.childnodes(5).InnerHTML="<font ='Verdana' size='2'>added........nasinsurance.com.au</strong></br>"
' Add nasinsurance.com.au to Trusted Sites list
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\" & "ZoneMap\Domains\nasinsurance.com.au"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
strValueName = "*"
dwValue = 2
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, strValueName, dwValue
'
'
'Adding Security Settings for IE
'Adding Security Settings for IE
'Adding Security Settings for IE
'----------------------------------------Say Adding Internet Explorer Security Settings for Trusted Sites-------------------------------------
objExplorer.Document.body.childnodes(6).InnerHTML="<br><strong>Adding Security Settings for Trusted Sites...</strong></br>"
'
'
objExplorer.Document.body.childnodes(7).InnerHTML="<font ='Verdana' size='2'>Enable - Download signed ActiveX components from a Web page</br>"
' Download signed ActiveX components from a Web page (Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1001"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(8).InnerHTML="<font ='Verdana' size='2'>Enable - Download unsigned ActiveX components from a Web page</br>"
' Download unsigned ActiveX components from a Web page (Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1004"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(9).InnerHTML="<font ='Verdana' size='2'>Enable - Run ActiveX components and plug-ins from Web pages</br>"
' Run ActiveX components and plug-ins from Web pages (Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1200"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(10).InnerHTML="<font ='Verdana' size='2'>Enable - ActiveX controls and plug-ins: Initialize and script ActiveX controls not marked as safe</br>"
' Run Enable - ActiveX controls and plug-ins: Initialize and script ActiveX controls not marked as safe (Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1201"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(11).InnerHTML="<font ='Verdana' size='2'>Enable - ActiveX controls and plug-ins: Allow previously unused ActiveX controls to run without prompt</br>"
' Run Enable - ActiveX controls and plug-ins: Allow previously unused ActiveX controls to run without prompt (Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1208"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(12).InnerHTML="<font ='Verdana' size='2'>Disable - Only allow approved domains to use ActiveX controls without prompt</br>"
' Run Disable - Only allow approved domains to use ActiveX controls without prompt (Zone 2)
' ActiveX controls and plug-ins: Override Per-Site (domain-based) ActiveX restrictions
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "120B"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(13).InnerHTML="<font ='Verdana' size='2'>Enable - ActiveX controls and plug-ins: Allow Scriptlets</br>"
' Run Enable - ActiveX controls and plug-ins: Allow Scriptlets (Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1209"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(14).InnerHTML="<font ='Verdana' size='2'>Enable - Scripting: Active scripting</br>"
' Enable - Scripting: Active scripting (Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1400"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(15).InnerHTML="<font ='Verdana' size='2'>Enable - Allow scripts to interact with ActiveX components marked safe for scripting</br>"
' Allow scripts to interact with ActiveX components marked safe for scripting (Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1405"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(16).InnerHTML="<font ='Verdana' size='2'>Enable - Miscellaneous: Access data sources across domains</br>"
' Enable - Miscellaneous: Access data sources across domains(Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1406"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(17).InnerHTML="<font ='Verdana' size='2'>Enable - Miscellaneous: Display mixed content</br>"
' Enable - Miscellaneous: Display mixed content(Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1609"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(18).InnerHTML="<font ='Verdana' size='2'>Enable - Downloads: File Download</br>"
' Enable - Downloads: File Download(Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1803"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(19).InnerHTML="<font ='Verdana' size='2'>Disable - Miscellaneous: Use Pop-up Blocker</br>"
' Disable - Miscellaneous: Use Pop-up Blocker(Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1809"
dwValue = 3
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(20).InnerHTML="<font ='Verdana' size='2'>Enable - Miscellaneous: Web sites in less privileged web content zone can navigate into this zone</br>"
' Enable - Miscellaneous: Web sites in less privileged web content zone can navigate into this zone(Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "1A00"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(21).InnerHTML="<font ='Verdana' size='2'>Enable - User Authentication:Logon:Automatically logon with current username and password </br>"
' User Authentication: Logon  : 0x00000000 Automatically logon with current username and password(Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "2101"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(22).InnerHTML="<font ='Verdana' size='2'>Enable - Downloads: Automatic prompting for file downloads</br>"
' Enable - Downloads: Automatic prompting for file downloads(Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "2200"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(23).InnerHTML="<font ='Verdana' size='2'>Enable - ActiveX controls and plug-ins: Automatic prompting for ActiveX controls</br>"
' Enable - ActiveX controls and plug-ins: Automatic prompting for ActiveX controls(Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "2201"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(24).InnerHTML="<font ='Verdana' size='2'>Enable - Miscellaneous: Allow web pages to use restricted protocols for active content</br>"
' Enable - Miscellaneous: Allow web pages to use restricted protocols for active content(Zone 2)
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "2300"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(25).InnerHTML="<font ='Verdana' size='2'>Enable - Delete Temp Internet Files on Shutdown</br>"
' Adds Delete Temp Internet Files on Shutdown
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "Persistent"
dwValue = 0
objReg.SetDWORDValue HKEY_CURRENT_USER, strKeyPath, ValueName, dwValue
'
objExplorer.Document.body.childnodes(26).InnerHTML="<font ='Verdana' size='2'>Disable - Script Debugging</br>"
' Adds Disable Script Debugging
HKEY_CURRENT_USER = &H80000001
strComputer = "."
Set objReg = GetObject("winmgmts:\\" & strComputer & "\root\default:StdRegProv")
strKeyPath = "Software\Microsoft\Internet Explorer\Main"
objReg.CreateKey HKEY_CURRENT_USER, strKeyPath
ValueName = "Disable Script Debugger"
StringValue = "yes"
objReg.SetStringValue HKEY_CURRENT_USER, strKeyPath, ValueName, StringValue
'
'
'
'
'----------------------------------------Say  completed--------------------------------
  objExplorer.Document.body.childnodes(27).InnerHTML="<strong><br>Trusted Sites Configuration is complete...thankyou</strong><br>"
wscript.sleep 1000
msgbox "Internet Explorer FINNAS Settings Script Completed",64,"NAS FINNAS Settings"
objExplorer.quit