Sign in
 
Home2012Previous VersionsLibraryForumsGallery
System Center TechCenter > System Center Configuration Manager Forums > Configuration Manager 2007 Software Distribution > SCCM package - Get rid of Windows XP Open File Security Warning

Answered SCCM package - Get rid of Windows XP Open File Security Warning

    •  
      Monday, June 16, 2008 1:02 PM
       
       
      Sign In to Vote
      0
      Sign In to Vote
      Hi

      I have a few packages that are prompting the XP Security warning when the SCCM advertisement gets started.

      Does anyone to workaround this or to disable this?

      I have "inlcude all network paths (UNC)" checked in the security IE settings,

      I also tried to enable a GPO but without success.
      Local Computer Policy->User Configuration->Administrative Templates->Windows Components->Attachment Manager and enable "Default risk level for file attachments", and then enable "Inclusion list for low risk file types" and add to this list the file extensions

      It looks like this GPO does not apply when running an SMS package??

      Anyone? Tnx Nico
       

    Answers

    • Thursday, July 31, 2008 9:59 AM
       
       Answered
      Sign In to Vote
      0
      Sign In to Vote

      Hi,

       

      The environment variable "SEE_MASK_NOZONECHECKS" can be used to disable the prompt while the patch/installer is running. This removes the need to add the UNC source location to be a trusted location.

       

      Using the following code in a VBS file to disable the install of app:

      Set oShell = CreateObject("WScript.Shell")

      Set oEnv = oShell.Environment("Process")


      oEnv("SEE_MASK_NOZONECHECKS") = 1

       

      oShell.Run("patch.exe", 0, true)

      oEnv.Remove("SEE_MASK_NOZONECHECKS")

      I hope that helps?

       

      Crammy.

       

    All Replies

    • Friday, June 20, 2008 10:23 PM
      Owner
       
       
      Sign In to Vote
      0
      Sign In to Vote

      You have to get rid of it from the OS, it is not just Configuration Manager. We don't add the extra layer of security here, it is the OS itself. So if you can get rid of it with a manual install, it should not happen with Configuration Manager either.

       

      And to answer the question, no I don't know how to get rid of it.

       
    • Tuesday, July 29, 2008 3:21 PM
       
       
      Sign In to Vote
      0
      Sign In to Vote

      I have a package that runs fine if I run it by clicking on it. When I run it from SMS, it hangs with the Open File - Security Warning.

       
    • Thursday, July 31, 2008 9:32 AM
       
       
      Sign In to Vote
      0
      Sign In to Vote

      Hi,

       

      You are correct and this is normal behavior since with SCCM you run or execute the script from a UNC network path. That's different from executing it local.

       

      To disable the messages do the following:

      1. Go to Start, Run

      2. Typ INETCPL.CPL

      3. Go to the Security tab, Local Intranet

      4. Click the Sites button

      5. Typ the UNC path to your package(s) for instance \\SCCM001\Script\*.*

      6 Click the Add button

       

      To disable it on multiple systems create a GPO with the above settings.

       
    • Thursday, July 31, 2008 9:59 AM
       
       Answered
      Sign In to Vote
      0
      Sign In to Vote

      Hi,

       

      The environment variable "SEE_MASK_NOZONECHECKS" can be used to disable the prompt while the patch/installer is running. This removes the need to add the UNC source location to be a trusted location.

       

      Using the following code in a VBS file to disable the install of app:

      Set oShell = CreateObject("WScript.Shell")

      Set oEnv = oShell.Environment("Process")


      oEnv("SEE_MASK_NOZONECHECKS") = 1

       

      oShell.Run("patch.exe", 0, true)

      oEnv.Remove("SEE_MASK_NOZONECHECKS")

      I hope that helps?

       

      Crammy.