Microsoft InfoPath 2010 Microsoft InfoPath 2010 14.0.4763.1000 This policy setting controls whether the specified Office application notifies users when unsigned application add-ins are loaded or silently disable such add-ins without notification. This policy setting only applies if you enable the "Require that application add-ins are signed by Trusted Publisher" policy setting, which prevents users from changing this policy setting. If you enable this policy setting, applications automatically disable unsigned add-ins without informing users. If you disable this policy setting, if this application is configured to require that all add-ins be signed by a trusted publisher, any unsigned add-ins the application loads will be disabled and the application will display the Trust Bar at the top of the active window. The Trust Bar contains a message that informs users about the unsigned add-in. If you do not configure this policy setting, the disable behavior applies, and in addition, users can configure this requirement themselves in the "Add-ins" category of the Trust Center for the application. Turn off Data Execution Prevention This policy setting allows you to turn on and off Data Execution Prevention (DEP) for InfoPath. DEP is a set of hardware and software technologies that perform additional checks on memory to help prevent malicious code from running on a system. The primary benefit of DEP is to help prevent code execution from data pages. If you enable this policy setting, you will turn off DEP for InfoPath. If you disable or do not configure this policy setting, you will turn on DEP for InfoPath. Disable Trust Bar Notification for unsigned application add-ins This policy setting controls whether add-ins for this applications must be digitally signed by a trusted publisher. If you enable this policy setting, this application checks the digital signature for each add-in before loading it. If an add-in does not have a digital signature, or if the signature did not come from a trusted publisher, this application disables the add-in and notifies the user. Microsoft provides four certificates for Office, which you can add to the Trusted Publishers list. These certificates must be added to the Trusted Publishers list if you require that all add-ins be signed by a trusted publisher. The Microsoft certificates are named Mscert01.cer, Mscert02.cer, Mscert03.cer, Mscert04.cer, and can be found on the Microsoft Web site. Office 2010 stores certificates for trusted publishers in the Internet Explorer trusted publisher store. Earlier versions of Microsoft Office stored trusted publisher certificate information (specifically, the certificate thumbprint) in a special Office trusted publisher store. Office 2010 still reads trusted publisher certificate information from the Office trusted publisher store, but it does not write information to this store. Therefore, if you created a list of trusted publishers in a previous version of Office and you upgrade to Office 2010, your trusted publisher list will still be recognized. However, any trusted publisher certificates that you add to the list will be stored in the Internet Explorer trusted publisher store. For more information about trusted publishers, see the Office Resource Kit. If you disable or do not configure this policy setting, this application does not check the digital signature on application add-ins before opening them. If a dangerous add-in is loaded, it could harm users' computers or compromise data security. Require that application add-ins are signed by Trusted Publisher Trust Center Trusted Locations Trusted Location #1 Trusted Location #2 Trusted Location #3 Trusted Location #4 Trusted Location #5 Trusted Location #6 Trusted Location #7 Trusted Location #8 Trusted Location #9 Trusted Location #10 Trusted Location #11 Trusted Location #12 Trusted Location #13 Trusted Location #14 Trusted Location #15 Trusted Location #16 Trusted Location #17 Trusted Location #18 Trusted Location #19 Trusted Location #20 This policy setting allows you to specify a location that is used as a trusted source for opening files in this application. Files in trusted locations bypass file validation, active content checks and Protected View. Macros and code in these files will execute without displaying warnings to the user. If you change or add a location make sure that the new location is secured, with only appropriate user permissions to add document/files. If you enable this policy setting, you may specify a folder location, path, and date from which files can the application can open files which run macros without warning. If you check the "Allow sub folders" check box, then all sub-folders in the folder you specify will also be trusted. If you disable or do not configure this policy setting, the trusted location is not specified. Disable all trusted locations This policy setting allows administrators to disable all trusted locations in the specified applications. Trusted locations specified in the Trust Center are used to define file locations that are assumed to be safe. Content, code, and add-ins are allowed to load from trusted locations with a minimal amount of security, without prompting the users for permission. If a dangerous file is opened from a trusted location, it will not be subject to standard security measures and could harm users' computers or data. If you enable this policy setting, all trusted locations (those specified in the Trust Center) in the specified applications are ignored, including any trusted locations established by Office 2010 during setup, deployed to users using Group Policy, or added by users themselves. Users will be prompted again when opening files from trusted locations. If you disable or do not configure this policy setting, all trusted locations (those specified in the Trust Center) in the specified applications are assumed to be safe. Block cross-domain data form retrieval This policy setting allows you to specify whether or not the InfoPath client can access cross-domain data in untrusted forms. If you enable this policy setting, users will not be able to retrieve cross-domain data unless the form is full trust or opened from a Trusted Location. If you disable or do not configure this policy setting, users will be asked if they want to trust the data connections in a form when the form contains cross-domain data connections. Disable all application add-ins This policy setting disables all add-ins for the specified Office 2010 applications. If you enable this policy setting, all add-ins for the specified Office 2010 applications are disabled. If you disable or do not configure this policy setting, all add-ins for the specified Office 2010 applications are allowed to run without notifying the users. Checks/Unchecks the corresponding UI option. Custom Disable commands Disable Items in User Interface Disable shortcut keys Enter a command bar ID to disable General Help | Activate Product... Left to Right Miscellaneous Predefined Number of documents in the Recent documents list Right to Left Security This policy setting allows you to disable any command bar button and menu item with a command bar ID, including command bar buttons and menu items that are not in the predefined lists. If you enable this policy setting, you can enter an ID number to disable a specific command bar button or menu item. The ID number needs to be in decimal (not hexadecimal). Multiple values should be separated by commas. For more information, see Microsoft Office 2010 Fluent User Interface Control Identifiers at http://officeredir.microsoft.com/r/rlidOffice14RibbonControlIDsO14?clid=1033. If you disable or do not configure this policy setting, all default command bar buttons or menu items are available to users. InfoPath Options InfoPath stores an allowable list corresponding to the assemblies located in the GAC (Global Assembly Cache) that have the Allow Partially Trust Callers Attribute (APTCA) set. An InfoPath form's business logic can only call into APTCA assemblies in the GAC which are on this allowable list. To add a new assembly to the allowable list, add a new String Value entry to the APTCA key. The Value Name field should be the public key token for the assembly and the Value Data field should be "1" for InfoPath to allow loading the assembly. If the Value Data field is not "1" the assembly will fail to load. InfoPath APTCA Assembly allowable list InfoPath APTCA Assembly Allowable List Enforcement InfoPath stores a list of safe assemblies located in the GAC (Global Assembly Cache) that an InfoPath form's business logic can call. Business logic can only call into assemblies in the GAC that are on the safe list. This policy controls the enforcement of the safe list. By default, assemblies in the GAC that are not on the safe list cannot be loaded from business logic. Enter URL of location where template parts are stored Specify a location where Template Parts are stored. Template Parts in this location are automatically recognized by InfoPath and displayed in the Custom Controls Task Pane. Control behavior for Microsoft SharePoint Foundation gradual upgrade This policy setting controls whether forms and form templates follow URL redirections provided by Microsoft SharePoint Foundation during a gradual upgrade. If you enable this policy setting, you can choose from three different redirection options: - Allow redirections to any location. If this option is selected, poorly planned gradual upgrades could put sensitive information at risk. - Allow redirections to Intranet only. This option is the default configuration in InfoPath. Redirects to the local intranet are allowed, but redirects to other locations are blocked. - Block all redirections. This option prevents InfoPath from using redirections completely. If you do not configure this policy setting, InfoPath automatically redirects user requests for sites that have not been upgraded to the temporary URL if it is located on the local intranet, but blocks them if the temporary URL is located elsewhere. InfoPath will prompt users before redirecting forms or form templates to another intranet site. If you disable this policy setting, all requests to sites that have not been upgraded will be redirected to their targets, regardless of location. This functionality could cause requests made to a secure site to be redirected to an unsecured one (for example, requests to an intranet site could be redirected to an unencrypted Internet site), causing sensitive information to be at risk. Allow redirections to any location Allow redirections to Intranet only Block all redirections Hosting the InfoPath Form Control, InfoPath.exe, Document Information Panel, and Workflow forms InfoPath.exe, Document Information Panel and Workflow forms None Windows Internet Explorer Feature Control Opt-In InfoPath hosts Windows Internet Explorer. This setting opts InfoPath into the following set of Windows Internet Explorer Feature Controls which lock down behavior: Install ActiveX controls, File download, Bind to object, Security band, Manage add-ons, Disable user name, MIME handling, MIME sniffing, Object caching, Popup blocker, Check saved files, Navigate URL, Window restrictions, Zone elevation. By default Feature Control Lockdown is turned on for InfoPath.exe, Document Information Panel, Workflow forms and 3rd Party Hosting. You can also change this setting so that it is only turned on for InfoPath.exe, Document Information Panel, and Workflow forms or turn it off completely. Never run Prompt before running Run without prompting This policy setting controls how InfoPath handles e-mail forms that contain code or script. If you enable this policy setting, you can choose from three different options for prompting the user: - Never run - InfoPath will not open any e-mail forms that contain code or script. - Prompt before running - When users attempt to open e-mail forms that contain code or script, InfoPath will display a notification and allow users to choose whether to continue opening the form. This option is the default configuration. - Run without prompting - InfoPath will open any e-mail forms that contain code or script without prompting the user. This option could allow malicious code to run on the user's computer. If you disable this policy setting, InfoPath will open e-mail forms that contain code or script without prompting users. If you do not configure this policy setting, InfoPath notifies and prompts users before opening InfoPath e-mail forms that contain code or script. Control behavior when opening InfoPath e-mail forms containing code or script InfoPath caches data returned from querying data sources. This cached data can then be used when data sources are not accessible. This policy sets the max size of disk space to allocate to cached data. Offline Mode cache size Number of bytes: InfoPath caches data returned from querying data sources. This cached data can then be used when data sources are not accessible. Data is cached across all instances of a form template. This policy controls the maximum size of data to cache for form templates. Offline data cached per form template Show UI if XSN is in Internet Zone Always show UI Never show UI This policy setting controls whether users are warned when an InfoPath form contains a Web beaconing threat. If you enable this policy setting, you can choose from three options for controlling when InfoPath users are prompted about Web beaconing threats: - Never show UI - Always show UI - Show UI if XSN is in Internet Zone If you disable this policy setting users will not be warned of Web beaconing threats. Note -- this is the same behavior that occurs if you enable this policy setting and select "Never show UI." If you do not configure this policy setting, InfoPath users are only warned of a beaconing threat if the form originates from the Internet. Email Forms Beaconing UI Disable hosting the Microsoft InfoPath Filler Control in custom applications. Disable Microsoft InfoPath Filler Control Publish Microsoft InfoPath 2010 (Machine) Submit Data Connections This policy setting determines the configuration of offline mode in InfoPath. If you enable this policy setting, you must choose an offline mode status. The following options are available: - Disabled: If this option is selected, InfoPath starts in online mode and offline mode cannot be enabled by users. - InfoPath in Offline Mode: If this option is selected, InfoPath starts in offline mode and caches queries for use in offline mode. The user can select online mode if required. - InfoPath not in Offline Mode: If this option is selected, InfoPath starts in online mode but the user can select offline mode if required. InfoPath caches queries for use in offline mode. If you disable this policy setting, the behavior will be the same as enabling this policy setting and selecting "Disabled." If you do not configure this policy setting, InfoPath is in online mode, but offline mode is available to users if they select the "Cache queries for use in Offline mode" option under File tab | Options | General | InfoPath Options | Advanced tab. Enabled, InfoPath not in Offline Mode Enabled, InfoPath in Offline Mode Disabled Offline Mode status Offline Prevent these file types from being added to forms Example: '.ext', or '.ext, .ex1, .ex2, <...>' File Types: Allow these files which would normally be blocked to be added to forms Example: '.ext', or '.ext, .ex1, .ex2, <...>' Wait: (milliseconds 0-10,000) Direction: Display a warning that a form is digitally signed This setting controls whether the user sees a dialog box when opening Microsoft InfoPath forms containing digitally signed content. By default, InfoPath shows the user a warning message when the form contains a digital signature. When this setting is set to disabled, this dialog box is not shown. Prevent users from allowing unsafe file types to be attached to forms This policy setting determines whether InfoPath allows unsafe file types to be attached to forms. If you enable this policy setting, InfoPath users cannot attach unsafe file types to forms. If you disable or do not configure this policy setting, users can attach any type of file to forms except potentially unsafe files that might contain viruses, such as .bat or .exe files. Important - disabling this policy setting does not by itself allow InfoPath users to attach unsafe file types to forms. You must also enable the "Allow file types as attachments to forms" policy setting and specify which file types you would like to allow. Block specific file types as attachments to forms This policy setting allows administrators to add file types (determined by file extension) to the standard list of file types that InfoPath blocks users from attaching to forms. If you enable this policy setting, you can specify file type extensions to block in addition to the standard list of prohibited file types in InfoPath. If you disable or do not configure this policy setting, users can attach any type of file to the form except potentially unsafe files that might contain viruses, such as .bat or .exe files. Allow file types as attachments to forms This policy setting controls which types of files (determined by file extension) can be added to InfoPath forms as attachments. If you enable this policy setting and "Prevent users from allowing unsafe file types to be attached to forms" is Disabled or not configured, you can specify file type extensions to remove from the standard list of prohibited file types in InfoPath, thereby allowing users to attach files of the specified types to forms. Important - If "Prevent users from allowing unsafe file types to be attached to forms" is enabled, enabling this policy setting does nothing: any extensions specified here will not be allowed as attachments to forms. Conversely, if there is a legitimate need to allow users to attach files of unsafe types to forms, the "Prevent users from allowing unsafe file types to be attached to forms" setting must be disabled in addition to enabling this policy setting and specifying the file types to allow. If you disable or do not configure this policy setting, users can attach any type of file to forms except potentially unsafe files that might contain viruses, such as .bat or .exe files. Allow the use of ActiveX Custom Controls in InfoPath forms Permit users to make use of ActiveX Custom Controls when designing and filling out Microsoft InfoPath forms. Disable Common Language Runtime errors when filling out forms This policy setting controls the amount of detail and number of dialogs users will see by default when a managed code exception is thrown. If managed code in an InfoPath form throws an exception, a dialog will always be displayed to users filling out the form. If you enable this policy setting, a single dialog will be shown, and the managed code exception details will be hidden by default. If you disable this policy setting, two dialogs will be shown when a managed code exception is thrown. - The first dialog will contain the managed code exception stack trace. - The second dialog will contain the managed code exception details which will be hidden by default. If you do not configure this policy setting, a single dialog will be shown, and the managed code exception details will be hidden by default. AutoRecover Interval Microsoft InfoPath can save a form's data automatically while a user is filling out a form. This options sets the amount of time between automatic saves when AutoRecover is turned on. Enable AutoRecover Microsoft InfoPath can save a form's data automatically while a user is filling out a form. This option turns on AutoRecover. Display a shaded ink guide for handwriting Turns on the shaded ink guide when entering text in Ink entry. Enter milliseconds before recognizing handwriting Sets the number of milliseconds that Microsoft InfoPath will wait before recognizing handwriting. Display a warning dialog box that user is entering text in Ink entry mode Informs users that Ink entry is turned on by showing a warning dialog box. Ink Entry Set this option to open Microsoft InfoPath in Ink entry mode. Enter text direction for new forms Specifies the orientation of new forms. The forms could either be left to right (LTR) or right to left (RTL). Advanced Ink Design Enter URL: Allow users to turn on and off printing of background colors. This policy setting controls whether users can open InfoPath solutions from a source located in the Internet security zone. If you enable this policy setting, InfoPath displays an error if users attempt to open solutions that are located in the Internet security zone. If you disable or do not configure this policy setting, users can open InfoPath solutions that do not contain managed code from sources located in the Internet security zone as defined in the Internet Options dialog in Internet Explorer. Turn off InfoPath Designer mode Disable fully trusted solutions full access to computer Disable opening of solutions from the Internet security zone This policy setting controls whether InfoPath users can design new or existing form templates. If you enable this policy setting, users will be blocked from designing new and existing form templates. If you disable or do not configure this policy setting, users will be able to design new and existing form templates. This policy setting controls whether InfoPath users can open fully trusted forms. If you enable this policy setting, InfoPath users will not be able to run any forms marked as fully trusted. This configuration is equivalent to the "Allow fully trusted forms to run on my computer" user interface (UI) option being unchecked in the Trusted Publishers category of the Trust Center, and users cannot change it. If you disable this policy setting, InfoPath users can run fully trusted forms on their computers, but cannot uncheck the "Allow fully trusted forms to run on my computer" UI option in the Trusted Publisher's category of the Trust Center. If you do not configure this policy setting, InfoPath users can choose whether to allow trusted forms to run on their computers. This policy setting allows you to disable specific command bar buttons and menu items in the specified applications. If you enable this policy setting you can disable specific command bar buttons and menu items in the user interface for the selected application. The predefined list of command bar buttons and menu items you can disable becomes available to you when you enable this policy setting. If you disable or do not configure this policy setting, the predefined list of command bar buttons and menu items are enabled for the application. This policy setting allows you to disable specific shortcut key combinations in the specified applications. If you enable this policy setting you can disable specific shortcut keys for the selected application. The predefined list of shortcut keys you can disable becomes available to you when you enable this policy setting. If you disable or do not configure this policy setting, the predefined list of shortcut keys are enabled for the application. East Asian Language Find Hide spelling errors Insert Hyperlink Shortcut (Ctrl+K) Match cho-on used for vowels Match full/half width forms Match minus, dash, cho Microsoft InfoPath 2010 No Normal Number of entries: Print Preview Shortcut(Ctrl+f2) Print Shortcut (Ctrl+P) Select EA line breaking behavior Set EA line breaking This policy setting controls the maximum number of recently saved form templates and forms to display in the Recent tab. In InfoPath Designer and InfoPath Filler, the most recently saved form templates and forms are displayed in the Recent tab. If you enable this policy setting, you can set the values which will apply to the InfoPath Designer Recent Form Templates list and the InfoPath Filler Recent Forms list. The value can range from 0 to 50. If you disable or do not configure this policy setting, the 17 most recently saved form templates will be displayed in InfoPath Designer, and the 17 most recently saved forms will be displayed in InfoPath Filler. Spelling & Grammar Strict Yes Yes: Disables the option "Print background colors and pictures" in General tab of the Tools | Options dialog box. | No: Enables the option "Print background colors and pictures" in General tab of the Tools | Options dialog box. InfoPath e-mail forms Disable sending form template with e-mail forms This policy setting controls whether users can send form templates along with InfoPath e-mail forms. If you enable this policy setting, users cannot send form templates as attachments to e-mail messages from InfoPath. Forms templates will have to be published to a network location or installed by users prior to using a particular form. If you disable or do not configure this policy setting, InfoPath allows users to attach form templates when sending e-mail forms. Note - The form template is only opened directly if the form opens with a restricted security level. Otherwise the attachment is actually a link to the published location. Disable dynamic caching of the form template in InfoPath e-mail forms This policy setting controls whether templates sent with InfoPath e-mail forms are cached locally. If you enable this policy setting, InfoPath does not cache the form template attached to the mail item; instead, it caches the form template from the published location. This requires restricted forms to be published rather than just sent by e-mail. Users can still be sent forms by e-mail, but the form template must be available from the published location. If you disable or do not configure this policy setting, InfoPath caches form templates when they are attached to a mail item that is recognized as an InfoPath e-mail form. When users fill out forms that open with a restricted security level, InfoPath uses the cached version of the mailed template, rather than any published version. Disable sending InfoPath 2003 Forms as e-mail forms This policy setting controls how forms that are compatible with InfoPath 2003 are sent by e-mail. If you enable this policy setting, InfoPath 2010 cannot send forms that are compatible with InfoPath 2003 as integrated e-mail forms. These forms cannot be distributed using e-mail until they are upgraded to InfoPath 2010 forms. If you disable or do not configure this policy setting, InfoPath sends all forms via e-mail using InfoPath e-mail forms integration, including forms that were created using the InfoPath 2003 file format. Disable e-mail forms running in restricted security level This policy setting determines whether e-mailed forms that run at the Restricted security level can be opened. If you enable this policy setting, users will not be able to open e-mail forms that run at the Restricted security level. Typically, this policy setting is only enabled if you do not wish e-mail forms to be opened at all, which means that the following policy settings would all need to be enabled as well. - Disable e-mail forms from the Full Trust security zone - Disable e-mail forms from the Internet security zone - Disable e-mail forms from the Intranet security zone If you disable or do not configure this policy setting, InfoPath e-mail forms running with the restricted security level can be opened. Disable e-mail forms from the Internet security zone This policy setting controls whether e-mail forms that originate from the Internet can be opened. If you enable this policy setting, users will not be able to open e-mail forms from the Internet. Instead, these forms will need to be published and opened in InfoPath. If you disable or do not configure this policy setting, forms that originate from the Internet can be opened, although those forms cannot access content that is stored in a different domain. Disable e-mail forms from the Intranet security zone This policy setting controls whether e-mail forms that originate from the user's local intranet can be opened. If you enable this policy setting, users will not be able to open e-mail forms from the local intranet. Instead, these forms will need to be published and opened in InfoPath. If you disable or do not configure this policy setting, forms that originate from the local intranet can be opened. Disable e-mail forms from the Full Trust security zone This policy setting controls whether InfoPath can open fully trusted e-mail forms. If you enable this policy setting, users will not be able to open fully trusted e-mail forms. Instead, these forms will have to be opened in InfoPath. If you disable or do not configure this policy setting, InfoPath can open e-mail forms with full trust. Disable InfoPath e-mail forms in Outlook This policy setting controls whether Outlook 2010 renders InfoPath e-mail forms in place or as attachments. If you enable this policy setting, Outlook 2010 renders InfoPath forms as e-mail messages with form attachments and all InfoPath e-mail form-specific behavior in Outlook is disabled. If you disable or do not configure this policy setting, Outlook 2010 uses the InfoPath e-mail forms feature to render forms in Outlook and allows users to fill them out in place. Disable exporting InfoPath e-mail forms to Excel This policy controls the ability to export InfoPath e-mail forms to Excel. By default, InfoPath e-mail forms in Outlook can be exported to create an XML list in Excel. When this setting is checked, InfoPath e-mail forms will not be allowed to export to Excel from Outlook. Disable merging InfoPath e-mail forms This policy controls the ability to merge InfoPath e-mail forms in InfoPath. By default, InfoPath e-mail forms in Outlook can be merged as a single InfoPath form. When this policy is checked, InfoPath e-mail forms will not be allowed to merge from Outlook. Disable export InfoPath e-mail forms This setting controls the ability to export InfoPath e-mail forms from Outlook. By default, InfoPath e-mail forms in Outlook can be exported to a file folder or other network location. When this policy is checked, InfoPath e-mail forms will not allow export from Outlook. Beaconing UI for forms opened in InfoPath This policy setting controls whether InfoPath users see a security warning when they open an InfoPath form that contains a Web beaconing threat. If you enable this policy setting, you can choose from three options for controlling when users are prompted about Web beaconing threats in InfoPath: -Never show beaconing UI. InfoPath does not warn users about potential Web beaconing threats. -Always show beaconing UI. InfoPath warns users about potential Web beaconing threats, regardless of the location of the form template. -Show UI if form template is from Internet Zone. InfoPath warns users about potential Web beaconing threats when the form template is located in the Internet security zone in Internet Explorer. If you disable this policy setting InfoPath does not warn users about potential Web beaconing threats. If you do not configure this policy setting, InfoPath warns users about potential Web beaconing threats. Beaconing UI for forms opened in InfoPath Never show beaconing UI Always show beaconing UI Show UI if Form Template is from Internet Zone Beaconing UI for forms opened in InfoPath Filler ActiveX InfoPath makes it possible to host InfoPath forms in other applications as ActiveX controls. Such controls are known as InfoPath form controls. This policy setting controls whether InfoPath users see a security warning dialog when they open an InfoPath form control that contains a Web beaconing threat. If you enable this policy setting, administrators can choose from three options for controlling when users are prompted about Web beaconing threats: - Never show beaconing UI. The InfoPath form control does not warn users about potential Web beaconing threats. - Always show beaconing UI. The InfoPath form control warns users about potential Web beaconing threats, regardless of the location of the form template. - Show UI if form template is from the Internet Zone. The InfoPath form control warns users about potential Web beaconing threats when the form template is located in the Internet security zone in Internet Explorer. If you disable this policy setting, InfoPath form controls do not warn users about potential Web beaconing threats. If you do not configure this policy setting, InfoPath form controls warn users about potential Web beaconing threats. Beaconing UI for forms opened in InfoPath Filler ActiveX Never show beaconing UI Always show beaconing UI Show UI if Form Template is from Internet Zone Restricted Features Disable opening forms with managed code from the Internet security zone In InfoPath 2003, InfoPath forms located in the Internet security zone could not open if they contained managed code. By default, InfoPath has the same behavior. However policy can be enabled to allow opening and running managed code from the Internet security zone. Offline Mode status Disable commands Number of bytes: Allow users to turn on and off printing of background colors. File Types: Enter URL: Security InfoPath Designer: InfoPath Filler: Direction: Select EA line breaking behavior Wait: (milliseconds 0-10,000) Number of bytes: Number of bytes: Offline Mode status File tab | Print | Print File tab | Share | Send Using E-Mail File tab | Print | Print Preview Page Design tab | Page Setup Insert tab | Hyperlink Home tab | Spelling Menu | Set Proofing Language File tab | Help | Options File tab | Print | Quick Print Print Shortcut (Ctrl+P) Print Preview Shortcut(Ctrl+f2) Insert Hyperlink Shortcut (Ctrl+K) Enter a command bar ID to disable Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Path: Date: Description: Allow these file types. Example: exe; bat; cmd Prevent these file types. Example: exe; bat; cmd Beaconing UI for forms opened in InfoPath Beaconing UI for forms opened in InfoPath Filler ActiveX Enter URL: Allow users to turn on and off printing of background colors.