Re: Open file - security warning....How do I disable it?
- From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
- Date: Mon, 20 Mar 2006 02:14:36 -0700
I believe that you can control the behavior through use of the
IE security settings (the IE adm templates are extensive).
Basically what you need to do is to make sure that the
\\domain and the sources \\servers to which DFS will refer
are recognized as being within the local intranet zone (and
that this still has settings to not do the prompting for intranet
zone sources)
"johnt" <johnt@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:0DA30DC8-7102-42A5-87CD-D57C49AB168A@xxxxxxxxxxxxxxxx
I would like to disable this feature for all users. Here is the
context
1. We are in the process of migrating to windows server 2003. We have
our data directories setup so that each client server accesses DFS
shares instead of directly talking to the servers that hold the client
data. The basic file system looks something like this:
\\domain\dfs\dfs_folder1
\\domain\dfs\dfs_folder2
\\domain\dfs\dfs_folder3
\\domain\dfs\dfs_folder4
\\domain\dfs\dfs_folder5 etc.........
When I click on certain .exe's or .bat's I notice that a dialog box
comes up for any user: open file - security warning.
I have already gone through the posts on this subject and I am able to
remove the warning if I go into gpedit.msc and then to the "User
configuration\attachment manager", I can specify a file type, ie. all
.exe's or all .bat's which doesn't help me because this appears to say
to ignore ANY .exe which is dangerous. I need the protection. I want
to be able to specify a list of permitted programs and have the
computer not ask me about them similar to creating an exception in the
windows XP firewall menus. The reason I think it is not working is
because gpedit.msc seems not to recognize the UNC names of my DFS
structure. "\\domain\dfs\share". I would love to be able to add a wild
card so it understands to treat the entire domain as intranet or local
and then remove security inside the network.
2. Next, I need to be able to make this a system wide adjustment
without going in the individual profies and making the changes all
across the network. I have also added the domain and all the servers
to the trusteds and local internet/intranet sites. Any viable solution
I find is a USER specific fix. I need to be able to run this GLOBALLY
meaning for everyone on the network including the system admins.
This would be great if either a .reg file existed or a script that I
could use in order to manualy add the exceptions, or disable the IEES
altogether. If we can keep it active great, but if it not then it is
certainly not the first priority.
1. My question is how can I set a group policy rule to allow programs
originating from inside the network wihtout this prompt
.
- Follow-Ups:
- Prev by Date: Re: Domain users members of local administrator
- Next by Date: Re: Web Certificate Enrollment security problem
- Previous by thread: Re: No Admin Rights
- Next by thread: Re: Open file - security warning....How do I disable it?
- Index(es):
Relevant Pages
|
