Announcement

Collapse
No announcement yet.

File Open Security Warning

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • File Open Security Warning

    Hi,

    I have added a batch file in "Computer Configuration" startup script.
    But it returns "File Open Security Warning" at the time of running.

    I want this batch file to run without any warning.

    Thanks
    Cheers!!
    MCSE 2003,MCSA- Messaging 2003, VCP

  • #2
    Re: File Open Security Warning

    See if this thread answers your questions http://forums.petri.com/showthread.php?t=3871
    Regards,
    Jeremy

    Network Consultant/Engineer
    Baltimore - Washington area and beyond
    www.gma-cpa.com

    Comment


    • #3
      Re: File Open Security Warning

      Actualy I think there are tree options for your situation.
      Choose one of the solutions below:

      (Follow the URLs from 'JeremyW' for a better description of the first two solutions)

      Solution 1
      On every workstation - per user settings:
      Set the option to Include all network paths (UNCs) to the Local Intranet Zone to the security of Internet Explorer.

      Registrykey: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings\ZoneMap
      - Change the value of "UNCAsIntranet" to REG_DWORD 1
      - if IE7 Also change the value "AutoDetect" to REG_DWORD 0

      Solution 2
      On every workstation - per user settings:
      Add the FQDN of the server(s) as a trusted site to the security of Internet Explorer,
      (Do not add the unc path here!, just type a dns-name to trust the server as a source for executables thats all).

      Registrykey: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings\ZoneMap
      - Add your local domain as a new subkey (example keyname: domain.local).
      - Then add a REG_DWORD item with the name: * and the value: 2 (2 stands for the zone 'Trusted Sites') to this key.
      Registrykey: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings\Zones\2
      - Change the value of "Flags" to REG_DWORD 43 (be sure no Iexplore windows are opened at that time).

      -=OR=-
      Registrykey: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings\ZoneMap
      - Add your local domain as a new subkey (example keyname: domain.local).
      - Then add a REG_DWORD item with the name: * and the value: 1 (1 stands for the zone 'Local Intranet') to this key.
      Registrykey: HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings\Zones\1
      - Change the value of "Flags" to REG_DWORD df (be sure no Iexplore windows are opened at that time).
      (if you choose this '2b'-option but prefere to do the settings via the IE user interface. Also here, do not use the name of the unc path (unless the clients are all Windows Server 2003 TerminalServer clients)).


      (note to solution 2: Every unique domainname can added only once as a subkey, For each subkey you must choose one of the the zones to apply; 'Trusted Sites', 'Restricted Sites' or 'Local Intranet'.

      Solution 3
      Instead of using UNCs to the netwokshare containing the files to be executed, create a domain DFS root and use paths from that root.

      \Rems



      EDIT -
      http://www.microsoft.com/technet/pro....mspx?mfr=true
      Note: By default, security zones settings are stored in the HKEY_CURRENT_USER registry key.
      Because this key is dynamically loaded for each user, the settings for one user do not affect the settings of another. Only the local machine settings will be used if;
      - the Security Zones: Use only machine settings setting is enabled in group policy
      ~OR~
      - the Security_HKLM_only DWORD value is set to 1 in the following key: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersio n\Internet Settings

      With this policy setting enabled, only machine settings will be used instead of user settings.
      ~
      Last edited by Rems; 25th June 2007, 17:52. Reason: HKLM v.s. HKCU

      This posting is provided "AS IS" with no warranties, and confers no rights.

      __________________

      ** Remember to give credit where credit's due **
      and leave Reputation Points for meaningful posts

      Comment


      • #4
        Re: File Open Security Warning

        Thanks JeremyW & Rems

        Problem solved.
        Cheers!!
        MCSE 2003,MCSA- Messaging 2003, VCP

        Comment


        • #5
          Re: File Open Security Warning

          Excellent. Glad to help.

          Mind sharing what method you used?
          Regards,
          Jeremy

          Network Consultant/Engineer
          Baltimore - Washington area and beyond
          www.gma-cpa.com

          Comment

          Working...
          X