[gptalk] Re: Internet Explorer security flaw box pops up on redirected folder shortcut (My Documents)
- From: "Darren Mar-Elia" <darren@xxxxxxxxxx>
- To: <gptalk@xxxxxxxxxxxxx>
- Date: Wed, 30 May 2007 08:28:26 -0700
Booker-
How about adding the UNC to the site-to-zone assignment list policy? That's
under User Configuration\Administrative Templates\Windows
Components\Internet Explorer\Internet Control Panel\Security Page\Site to
Zone Assignment list
Darren
-----Original Message-----
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Washington, Booker
Sent: Wednesday, May 30, 2007 7:04 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Internet Explorer security flaw box pops up on
redirected folder shortcut (My Documents)
Yes, I know where the setting is, local to the box, but I don't want to
have to make the change individually on each and every computer in my
environment. I posted to this list to find out, how in Grop Policy, I
can change the settings that I need to change.
I did not make any special changes. Just joined a new domain, and now
when I click on the My Documents shortcut, I get the pop up. So I was
trying to determine, what about joining the new domain, did I pick up
all of a sudden that when I click on the My Docs shortcut, I get the pop
up box
Thanks.
And again, if I add the UNC path to the trusted list, everything is
fine. So even with that work around, how could I add that through
Policy?
Thanks
-----Original Message-----
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of tools@xxxxxxxxxx
Sent: Tuesday, May 29, 2007 6:30 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Internet Explorer security flaw box pops up on
redirected folder shortcut (My Documents)
Booker-
I had a hard time following your report below, but my guess is that
somehow IE security zone restrictions think that something about My
Documents is unsafe. Do you have a zone restriction for the MY Computer
or Intranet zones?
-----Original Message-----
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx]
On Behalf Of Washington, Booker
Sent: Tuesday, May 29, 2007 2:49 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Internet Explorer security flaw box pops up on
redirected folder shortcut (My Documents)
This has to be a GPO setting, but not sure which one.
I have the My documents folder redirected to a network location.
When a user clicks on the My documents folder on the desktop, which is a
system generated shortcut, the user gets a pop up box that has in the
title of the box: Internet Explorer The contents of the box state:
This page has an unspecified potential security flaw. Do you want to
continue. Yes or No
Any idea why this would happen?
The only policy settings outside of the folder redirect GPO show the
following:
Print
Close
No explanation is available for this setting.
Supported On:
Not available
Default Domain Policy
Data collected on: 5/29/2007 5:33:38 PM hide all
Generalhide
Detailshide
Domain test.domain.edu
Owner test\Domain testmins
Created 10/1/2001 2:15:58 PM
Modified 7/30/2006 8:08:30 PM
User Revisions 1 (test), 1 (sysvol)
Computer Revisions 21 (test), 21 (sysvol) Unique ID
{31B2F340-016D-11D2-945F-00C04FB984F9}
GPO Status Enabled
Linkshide
Location Enforced Link Status Path
test No Enabled test.domain.edu
This list only includes links in the domain of the GPO.
Security Filteringhide
The settings in this GPO can only apply to the following groups, users,
and computers:Name NT AUTHORITY\Authenticated Users
WMI Filteringhide
WMI Filter Name None
Description Not applicable
Delegationhide
These groups and users have the specified permission for this GPOName
Allowed Permissions Inherited test\Domain testmins Edit settings,
delete, modify security No test\Enterprise testmins Edit settings,
delete, modify security No NT AUTHORITY\Authenticated Users Retest (from
Security Filtering) No NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS Retest
No NT AUTHORITY\SYSTEM Edit settings, delete, modify security No
Computer Configuration (Enabled)hide
Windows Settingshide
Security Settingshide
Account Policies/Password Policyhide
Policy Setting
Enforce password history 3 passwords remembered Maximum password age 90
days Minimum password age 0 days Minimum password length 7 characters
Password must meet complexity requirements Enabled Store passwords using
reversible encryption Disabled
Account Policies/Account Lockout Policyhide Policy Setting Account
lockout threshold 0 invalid logon attempts
Account Policies/Kerberos Policyhide
Policy Setting
Enforce user logon restrictions Enabled Maximum lifetime for service
ticket 600 minutes Maximum lifetime for user ticket 72 hours Maximum
lifetime for user ticket renewal 7 days Maximum tolerance for computer
clock synchronization 5 minutes
Public Key Policies/Autoenrollment Settingshide Policy Setting Enroll
certificates automatically Enabled Renew expired certificates, update
pending certificates, and remove revoked certificates Disabled Update
certificates that use certificate templates Disabled
Public Key Policies/Encrypting File Systemhide Propertieshide Policy
Setting Allow users to encrypt files using Encrypting File System (EFS)
Enabled
Certificateshide
Issued To Issued By Expiration Date Intended Purposes testministrator
testministrator 9/30/2004 2:25:46 PM File Recovery
For testditional information about individual settings, launch Group
Policy Object Editor.
Public Key Policies/Trusted Root Certification Authoritieshide
Propertieshide Policy Setting Allow users to select new root
certification authorities (CAs) to trust Enabled Client computers can
trust the following certificate stores Third-Party Root Certification
Authorities and Enterprise Root Certification Authorities To perform
certificate-based authentication of users and computers, CAs must meet
the following criteria Registered in Active Directory only
testministrative Templateshide
System/Group Policyhide
Policy Setting
Allow Cross-Forest User Policy and Roaming User Profiles Enabled
User Configuration (Enabled)hide
Windows Settingshide
Remote Installation Serviceshide
Client Installation Wizard optionshide
Policy Setting
Custom Setup Disabled
Restart Setup Disabled
Tools Disabled
***********************
You can unsubscribe from gptalk by sending email to
gptalk-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field OR
by logging into the freelists.org Web interface. Archives for the list
are available at //www.freelists.org/archives/gptalk/
************************
***********************
You can unsubscribe from gptalk by sending email to
gptalk-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field OR
by logging into the freelists.org Web interface. Archives for the list
are available at //www.freelists.org/archives/gptalk/
************************
***********************
You can unsubscribe from gptalk by sending email to
gptalk-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field OR by
logging into the freelists.org Web interface. Archives for the list are
available at //www.freelists.org/archives/gptalk/
************************
***********************
You can unsubscribe from gptalk by sending email to
gptalk-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field OR by
logging into the freelists.org Web interface. Archives for the list are
available at //www.freelists.org/archives/gptalk/
************************
Other related posts:
