locked
Security Warning when open/run file from a Network Share RRS feed

  • Question

  • Hi all,

    We have Windows VISTA SP2 with IE 7 in use.

    One Week ago, it was required to change the Share mapings from \\server1\share1 to \\server1.ourdomain.com\share1.

    Since this change, there is the issue, that if Itry to open a file (cmd or exe) from this share, a Security warning appears.
    If I change back the mapping to example 1 (without domain), I can open the file without any messages. Also it works when I open the file by UNC path and not with X:\Share1\..

    The differnt is that if I use the mapping with domain, the Share is recogized as "Internet Zone" and not "Local Intranet".
    So I add \\server1.ourdomain.com (also tried file://server1.ourdomain.com) to the Local Intranet Zone by GPO but no success.

    When I open the file with X:\Share1\.. the warning message still appears. With the UNC Path it works well...

    Any Ideas..?

    Thanks for help

    EDIT: That's funny... I've updated the Internet Explorer to IE 9 on the same Client and now the share has been recognized as Local Intranet..but this is only for test.
    So it seems that there is somthing wrong with IE 7.. 


    Tuesday, July 5, 2011 5:38 PM

Answers

  • The working solution is to add the following Reg-Key.

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESPECT_ZONEMAP_FOR_MAPPED_DRIVES_KB929798]
    "*"=dword:00000001

    cheers

    Mike

    • Marked as answer by Mike Muffin Thursday, July 21, 2011 11:57 AM
    Thursday, July 21, 2011 11:57 AM

All replies

  • Hi,

    Please check the IE 7 settings by the following methods:

    Method 1:
     
    Enable the Include all network paths (UNCs) setting in Internet Options applet.
     
    •Click Start, Run and type INETCPL.CPL
    •Select the Security tab, Local intranet
    •Click Sites button
    •Put a checkmark near the following option:
     
    Include all network paths (UNCs)

    Method 2:

    Add the IP or FQDN of the network computer to your Local Intranet or Trusted sites zone in Internet Explorer.
     
    •Click Start, Run and type INETCPL.CPL
    •Select the Security tab, Trusted sites
    •Click Sites button
    •Add the IP address of the remote computer to the list
     (You can also add the network shares to the Local Intranet zone.)
    •Uncheck Require server verification (https:) for all sites in this zone and click Close
    •Click OK, OK and close the dialog

    Will this workaround the issue?

    Regards,


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread. ”
    Tuesday, July 12, 2011 7:16 AM
    Moderator
  • The working solution is to add the following Reg-Key.

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_RESPECT_ZONEMAP_FOR_MAPPED_DRIVES_KB929798]
    "*"=dword:00000001

    cheers

    Mike

    • Marked as answer by Mike Muffin Thursday, July 21, 2011 11:57 AM
    Thursday, July 21, 2011 11:57 AM