none
Turn off "Internet Explorer Enhanced Security Configuration is enabled"

    Question

  • In XP/2003 I can turn off the "Internet Explorer Enhanced Security Configuration is enabled" in IE in the Add/Remove programs.

    How do I do this in Windows Server 2003 / Longhorn?

    Ian

    Friday, July 27, 2007 11:52 AM

Answers

  • Found it finally.

    Go to Server Manager
    Click the top item in the tree to the left "Server Manager"
    On the page that appears, go to "Security Information"
    Look for "Configure IE ESC" on the right.

    Perhaps IE ESC could be renamed to "IE Security"


    Friday, July 27, 2007 11:57 AM

All replies

  • Found it finally.

    Go to Server Manager
    Click the top item in the tree to the left "Server Manager"
    On the page that appears, go to "Security Information"
    Look for "Configure IE ESC" on the right.

    Perhaps IE ESC could be renamed to "IE Security"


    Friday, July 27, 2007 11:57 AM
  • Why is not just in ....Internet explored security options.....DUH ...another common sense out the window scenario.....

     

    It shoud be a checkbox on the main security tab......you are welcome Microsoft....please send me a check.....
    Sunday, October 07, 2007 11:21 AM
  • This hiding of features is what bugs me about Vista and Server 2008. Things that used to be easy to find are scattered around.

    A matrix or search tool of how it was done in a prior OS and the same task is done in the current OS would lead to better adaption of Vista and 2008.

     

    For example there is no Add/Remove Programs an Windows Features in 2008 like it is in 2003, XP Pro, 2000 or Win98. Moving it to features at least requires a breadcrumb in the prior location.

     

    Stuff that was so easy with a Right click Properties is now 3-4 more layers down.

     

    Saturday, April 12, 2008 7:41 PM
  • I have just installed Server 2008 for the first time.  But the documentation is still of Server 2003 vintage.

    res://iesetup.dll/IESechelp.htm#manage on my system says:

    Go to Control Panel and then Add or Remove Programs.  I assume it's Program and Features.

    Then it says go to Add/Remove Windows Components.  I assume it's now Turn Windows features on or off.

    Well, it's nowhere to be found under Turn Windows features on or off.

    Thursday, July 08, 2010 3:14 AM
  • On Thu, 8 Jul 2010 03:14:44 +0000, K.Kong wrote:

    I have just installed Server 2008 for the first time.? But the documentation is still of Server 2003 vintage.

    res://iesetup.dll/IESechelp.htm#manage on my system says:

    Go to Control Panel and then?*Add or Remove Programs*.? I assume it's*Program and Features*.

    Then it says go to *Add/Remove Windows Components*.? I assume it's now*Turn Windows features on or off*.

    Well, it's nowhere to be found?under *Turn Windows features on or off*.

    Open Server Manager. Look at the far right side of the section labeled
    Security Information.


    Paul Adare
    MVP - Identity Lifecycle Manager
    http://www.identit.ca

    Thursday, July 08, 2010 10:47 AM
  • Sorry to confuse.  I did see the answer by Ian Vink.  Posted my message hoping that the powers that be see it and will update the doucmentation.
    Thursday, July 08, 2010 11:17 AM
  • After setting both admins and users to off, users found in Remote Desktop group on our Terminal Services Server still has IESC enabled.  Is there any other places to check?  GPO shows no added config for IESC.  It's running win2008 ent 32-bit.

    Friday, July 16, 2010 1:15 PM
  • On Server 2003, this option is the best way to disable enhanced security on I.E.


    T Beaucage
    Thursday, February 10, 2011 1:52 PM
  • Fuck you microsoft.  yet another asshole move.  Lets make it really fucking frustrating....
    • Proposed as answer by klab Saturday, July 30, 2011 7:24 AM
    Friday, June 10, 2011 11:43 PM
  • Remove "Internet Explorer Enhanced Security" using Add\Remove programs Don't bother to try and configure it.
    Monday, July 11, 2011 1:11 PM
  • This is for windows server 2003.

    To enable/Disable Internet Explorer Enhanced Security Configuration

    1. Open Control Panel, click Add or Remove Programs, and then click Add/Remove Windows Components.
    2. Select Internet Explorer Enhanced Security Configuration, and then do one of the following:
      • To apply the Internet Explorer Enhanced Security Configuration to both administrators and all other users, click Next.
      • To apply the Internet Explorer Enhanced Security Configuration to only one of these groups (either administrators or users who are not in an Administrators group), click Details, select either For administrator groups or For all other user groups.
    3. Click Next, and then click Finish.
    4. Restart Internet Explorer to apply the enhanced security settings.

     

    Wednesday, August 17, 2011 3:40 AM
  • Fuck you microsoft.  yet another asshole move.  Lets make it really fucking frustrating....


    I find this sentiment to NOT BE ABUSIVE and is an accurate summary of the situation.

     

    Thank you WindowsBlows if only our squeeky little voices made a difference.

     

    My observation is this:  Even after disabling IE ESC as described above I am reminded with EVERY SINGLE page

    that IE ESC is not turned on with a large yellow bar at the top.  Which is really annoying. Would love to turn off the yellow bar.

    I find some obscure thing called    f i r e f o x    and     c h r o m e  working really well and frustration free.

     

    I want less frustration.



    Also grateful that no M V P's appeared to answer. Those answers are never solutions at all, EVER.

     

    Monday, August 22, 2011 8:55 PM
  • Without a doubt the single most annoying time consuming feature built into Windows.
    Saturday, September 17, 2011 3:56 PM
  • Fuck you microsoft.  yet another asshole move.  Lets make it really fucking frustrating....


    I find this sentiment to NOT BE ABUSIVE and is an accurate summary of the situation.

     

    Thank you WindowsBlows if only our squeeky little voices made a difference.

     

    My observation is this:  Even after disabling IE ESC as described above I am reminded with EVERY SINGLE page

    that IE ESC is not turned on with a large yellow bar at the top.  Which is really annoying. Would love to turn off the yellow bar.

    I find some obscure thing called    f i r e f o x    and     c h r o m e  working really well and frustration free.

     

    I want less frustration.



    Also grateful that no M V P's appeared to answer. Those answers are never solutions at all, EVER.

     


    The real problem here, unfortunately, is not Microsoft.  I would love to blame them, but frankly it is not their fault this time.

     

    Remember that lawsuite a while back?  Some company with a poor server administrator who had no clue how to secure his server ended up suing Microsoft for "not being secure".  So now we have Microsoft having to tow down to the layers so they don't get sued again.

    And that means making everything way too difficult for those of us who understand exactly what we are doing and why we are doing it -- and bearing in mind the what's and why's have decided we do not want certain security features enabled in our environments.

    Take them to court now and all they have to do is say the "made it very difficult to disable security features" and the jerk suing them "intentionally bypassed system safety measures"

    • Proposed as answer by endyrx Tuesday, October 04, 2011 7:18 AM
    Wednesday, September 21, 2011 11:58 PM
  • Hello all. I have the same problem with my SEPM. The problem come from firewall in my case. I using Isa server 2004. I make a rule who allow all outbound traffic from "Computer" sepm-hostname/ip address (this is object in firewall who have to be created from the appropriate menu) to External network.

    Everything run smoothly. No more error = 4 or 2.

     

    For future use. Almost 99% of the returned error 4 or 2 is related to firewalls.

     

    Good luck to all and sorry for may pure English.

    Tuesday, October 04, 2011 7:23 AM
  • Is there a "Server Manager" in Windows Server 2003???

    It seemed like your original question pertained to Server 2003....


    Bob K
    Tuesday, November 29, 2011 1:44 AM
  • This is amazingly difficult. Is there a single definitive list that says exactly what to do?
    Monday, January 09, 2012 4:46 PM
  • Rudhra1 gave the definitive answer on Wednesday, August 17, 2011 3:40 AM

    Thank you Rudhra1

     

     

    Friday, January 20, 2012 9:33 PM
  • Instead of complaining, perhaps an alternate solution is for you to develop your own web browser.  You design it to your satisfaction and deal with security issues yourself.  If you don't like IE, make your own path.
    • Proposed as answer by toddrenouf Friday, April 06, 2012 2:12 AM
    • Unproposed as answer by toddrenouf Friday, April 06, 2012 2:12 AM
    Thursday, February 16, 2012 3:09 PM
  • sorry about the propose un-propose - thought it referred to what i was writing - i have disabled IE ESC so that all web pages open without its check - i did it thus _ went to control panel>programs and features>turn windows features on and off> security information>configure IE ESC - here is the option to turn on and off for administrator and/or users - after my doing this it was removed from IE and as mentioned web pages open without the pop up of ESC   
    Friday, April 06, 2012 2:20 AM
  • Can someone explain this screen shot...  Server Manager says its off, but the browser says (and behaves as if) its on...

    When logged in as THE Administrator the setting is honored, but when logged in as any other account it is not.

    Monday, April 30, 2012 10:00 PM
  • If anyone is interested in how to do this in Server 2008

    Follow this tutorial:

    Disable Internet Explorer Enhanced Security Configuration - Windows Server 2008

    I hope this helps!

    • Proposed as answer by TheXternal Tuesday, June 12, 2012 9:05 AM
    Tuesday, June 12, 2012 9:04 AM
  • Restart Internet Explorer then it should work
    Tuesday, June 12, 2012 9:05 AM
  • Thanks!

    It works for me.

    Tuesday, June 19, 2012 2:27 PM
  • god only knows why this is enabled by default at all.  just another thing for administrators to have to disable by default on every single server.  Haven't met a single admin who ever leaves this enabled.
    Wednesday, March 06, 2013 4:02 PM
  • god only knows why this is enabled by default at all.  just another thing for administrators to have to disable by default on every single server.  Haven't met a single admin who ever leaves this enabled.

    Hello, look at me and you will. ;) There's no single reason to make ALL servers able to browse internet. Maybe, terminal servers should. But the most of servers MUST be ESC-enabled. I think, security reasons are clear enough for all administrators.

    Сквозь сиреневый дым...

    Wednesday, April 24, 2013 8:20 PM
  • Found it finally.

    Go to Server Manager
    Click the top item in the tree to the left "Server Manager"
    On the page that appears, go to "Security Information"
    Look for "Configure IE ESC" on the right.

    Perhaps IE ESC could be renamed to "IE Security"


    Thanks Ian.

    Kind Regards Jaber

    Monday, July 01, 2013 1:53 AM
  • On a Windows 2003 terminal server adding the IE ESC and re-adding solved the problem for administrator users only. 

    The fix for remote desktop users was to search the registry for the IEHarden and IEHardenIENoWarn values for each users profile within the registry and set the value to 0.
    Wednesday, October 23, 2013 1:12 PM
  • Sorry Mikey but I do not agree with your answer.

    Law doesn't say you to continuously display the popup / notifications again and again on the windows.

    It might be good that you display a popup once asking what would you like to do bla bla and take a response once.

    Being a Quality Engineer my response is It's a bad design for sure which could have been avoided :) . Every one is not dumb enough with security that you bug them consistently.

    Depinder Bharti


    Thursday, October 31, 2013 6:32 AM
  • We believe in helping and Improving things with our reviews :) 

    Re inventing the wheel is not going to help and I think Microsoft should be happy that customers are dropping their comments/Reviews so that they can take care of it in their Next versions or release a patch.

    Noticed?  instead of coming here people could have started using Google Chrome/FireFox etc but the real guys are here.

    Thursday, October 31, 2013 6:35 AM
  •  dun understand their intention,

    it is to make it easier to find to disable, it should be always on

    Friday, November 01, 2013 8:18 AM
  • Hi Steven, the same thing just happened to me running Server 2008 Datacenter Edition on AWS. Did you ever find a solution for turning this off and getting IE to honor it?

    Friday, November 01, 2013 5:21 PM