Windows2008_Terminal_Server_IE_Enhanced_Security_Config_Warning_Overrides_GPO
-
Wednesday, November 03, 2010 8:52 PM
hello
we have a new windows 2008 terminal server. we also have a win2003 GPO that sets the IE homepage for all users to our internal portal page. we have noticed the default IE 8 warning "Caution: Internet Explorer Enhanced Security Configuration is not enabled" page comes up and ignores the GPO that sets the homepage to our portal page. is there a way around this? is this because of IE8 ignoring the GPO that worked for IE7 and earlier?
All Replies
-
Wednesday, November 03, 2010 9:06 PM
Open Server Manager, if not selected select "Server Manager (COMPUTERNAME)" at the top.
Look for the "Security Information" section, and select "Configure IE ESC" over to the right.
Here you can disable it.
I am not aware of a GPO to disable this.
-
Thursday, November 04, 2010 10:56 PM
hello
thanks for the suggestion, unfortunately that setting is already set but we still see the IE default and not our GPO setting. any other ideas from anyone?
-
Friday, November 05, 2010 7:44 AMModerator
Hi,
According to my test, the GPO of the user configuration can meet your request.
User Configuration->Windows Settings->Internet Explorer Maintenance->URLs/Important URLs
If this issue still persists, please help to confirm the following questions so that I can provide the exact suggestion.
1. Do you check the IE home page setting of the problematic PCs when this issue happens?
2. Does this issue exist in all of PCs or just only one specific PC?
3. Can you use the PING command to test the connection between the DC and client, do you get the desired IP address from both side?
4. Temporally disable all of firewall of client and use the gpupdate /force to test it again, what’s the result?
Meanwhile, please run the “Gpresult /H gpreport.html” command on the problematic PC and then send the resulting gpresult.html to us.
========================================================================
For your convenience, I have created a workspace for you. You can upload the information files to the following link. (Please choose "Send Files to Microsoft")
Workspace URL: (https://sftasia.one.microsoft.com/choosetransfer.aspx?key=b7ca9f32-c6fa-4522-84c2-f739892cf45e )
Password: -+gAyZg!40Ve
Note: Due to differences in text formatting with various email clients, the workspace link above may appear to be broken. Please be sure to include all text between '(' and ')' when typing or copying the workspace link into your browser. Meanwhile, please note that files uploaded for more than 72 hours will be deleted automatically. Please ensure to notify me timely after you have uploaded the files. Thank you for your understanding.
- Proposed As Answer by Alan ZhuModerator Friday, November 05, 2010 7:44 AM
-
Friday, November 05, 2010 4:16 PM
hello
is this a new win2008 IE8 GPO setting? just curious if the setting you are recommending is different from our GPO setting. in any regard, i created a local policy with the setting you recommended. i then had a new user log on for the first time, IE8 setup wizard pops up, answered all questions about the default search provider, turning off all accelerators, do not download updates, etc. and then it brings up the IE enhanced security is not enabled warning. this is for a windows 2008 terminal server.
-
Monday, November 08, 2010 2:06 AMModerator
Hi,
I double check the following setting of GPO, it’s the same as windows server 2003.
User configuration->Windows settings->Internet explorer maintenance->URLs
So far, Could you let me know whether the default page has been set to the mandatory page?
If not, I suggest you can check the GPO whether it has been assigned to this problematic PC or has covered by another setting of GPO.
Besides the user is the first time to use the IE8, they will be asked to configure some of the steps to initialize the IE. But it will never appear again for the same user.
-
Monday, November 08, 2010 2:59 PM
hello
our issue is not the setup wizard that keeps re-appearing, it is the default home page that comes up after the setup wizard is finished. the default IE 8 warning "Caution: Internet Explorer Enhanced Security Configuration is not enabled" keeps coming up when you close/restart IE8. it ignores our GPO setting to set the homepage as our portal sharepoint server.
-
Tuesday, November 09, 2010 2:59 AMModerator
Hi,
Please refer to the following suggestion to achieve your request.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\ESCHomePages]
"SoftAdmin"="new site name"
"HardAdmin"="res://iesetup.dll/HardAdmin.htm"
"HardUser"="res://iesetup.dll/HardUser.htm"
And if you have a 64 bit OS, change this as well, else only 64 bit IE will be affected. This registry key is for the 32bit version of IE.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\MAIN\ESCHomePages]
"SoftAdmin"="new site name"
"HardAdmin"="res://iesetup.dll/HardAdmin.htm"
"HardUser"="res://iesetup.dll/HardUser.htm"
Hope this helps.
- Proposed As Answer by Alan ZhuModerator Tuesday, November 09, 2010 3:00 AM
- Marked As Answer by Alan ZhuModerator Thursday, November 11, 2010 7:32 AM
-
Friday, December 17, 2010 3:19 PMyes that one works! thank you to everyone!
.png)
