Disable IE Enhanced Security Configuration via Group Policy


I just want to blog on how to disable the IE Enhance Security Configuration via group policy.

One thing I share this post is because, usually, I create the test environmental lab in virtual machine (VMWare or Hyper-v or VirtualBox), I turn off this IE ESC and Windows Firewall.

Step 1:

Create a new group policy under Group Policy management (gpmc.msc) in your domain controller.


Step 2:

Right-click the group policy and edit.

Under Computer configuration, expand Preferences -> Windows Setting -> Registry

Step 3:

Create New Registry item and under HKEY Local Machine -> Software -> Microsoft -> Active Setup -> Installed Components ->

Find this ID. this GUID is turning off the IE ESC

for Administrators:

A509B1A7-37EF-4b3f-8CFC-4F3A74704073 - ADministrators

For Users:


Step 4: Modify the value under “IsInstalled” to 0



Group Policy to Schedule Task

In this topic, I will cover to use Group Policy to Deploy Task Scheduler to Map a network drive.

I used batch file called testmap.bat as content below:


@echo off

Net use M: \\nom-dc1\shared

Start M:

So I put it into NOM-DC1\Netlogon .

Configure Group Policy:

  1. Open Management Console, right-click intended OU or domain. choose “Create GPO and Link it here…”
  2. In just GPO created, right click GPO and select Edit.
  3. Go to User Configuration, Under Preferences, Choose Control Panel and Select Scheduled Tasks.
  4. At the Scheduled Task, Right-Click on it and choose New. Type a the name of the schedule. Please choose at appropriate operating system you want to configure.
  5. At the Schedule tab, I choose at start log on
  6. At the Action,


7. Finally, click OK button.

After we configure the group policy, you may use Gpupdate /force and restart the workstation and log on the workstation using the username in the OU that group policy sits.

8. After log on, check the task scheduler at the workstation.

you may get like this.


and check the computer windows or explorer.

Then…your network map drive is working.


Journal Wrap Error


I just want to show you which you may find Journal Wrap Error in your SYSVOL domain controller.

How journal wrap error happens can be found and perfectly explained in the Blog TechNet



From my experience, I found sometimes this error in Event Viewer.



where you find this error?

you can find this error in the Event Viewer at File Replication Service.



How do I troubleshoot Journal Wrap Error?

I used a NON-Authoritative SYSVOL restore.

To perform Non Authoritative SYSVOL restore,

1.  Go to Run and type CMD.

2. Type net stop ntfrs to stop File Replication Services.

3. Go to Run and type regedit.

4. Expand the following registry:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup

5. You will see BurFlags. double-click on BurFlags.


6. in the Edit DWORD Value dialog box, type D2 and click OK. Close the Registry.

7. Goto Command Prompt, type net start ntfrs


In the SYSVOL  Folder, you will see a NtFrs_PreExisting ___See_EventLog folder.