On a domain joined Windows 10 computer, the option to turn SmartScreen on is greyed out and is set by the system administrator. I've checked the associated group policy setting and it's not defined.
How things should ordinarily be
According to the official description:
If you disable or do not configure this policy setting, Windows SmartScreen behavior is managed by administrators on the PC by using Windows SmartScreen Settings in Security and Maintenance.
This means if you configure this policy but set it to disabled or if you set the policy to not configured, you are able to log in with an administrative account, go to Control Panel, Security and Maintenance and configure the SmartScreen from there. (Alternatively, if the User Account Control is enabled, you can still go to Security and Maintenance and try to configure SmartScreen; you will be prompted for credentials of an administrator.)
How things actually are
Sometimes, however, Security and Maintenance still does not allow configuring SmartScreen even when the said policy is not configured on the local computer or Active Directory.
In this case do the following:
- Log in with an administrative account
- Do either of the following:
- Start gpedit.msc, go the said policy, set it to Enabled and click OK, then once again set it to Not Configured. (Source)
- Save the following script into a file called
EnableSmartScreen.reg and import it via Registry Editor.
Script:
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]
"SmartScreenEnabled"="RequireAdmin"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]
"EnabledV9"=dword:00000001
