[gptalk] Internet Explorer security flaw box pops up on redirected folder shortcut (My Documents)

  • From: "Washington, Booker" <Booker.Washington@xxxxxxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Tue, 29 May 2007 17:48:55 -0400

This has to be a GPO setting, but not sure which one.
I have the My documents folder redirected to a network location.
When a user clicks on the My documents folder on the desktop, which is a
system generated shortcut, the user gets a pop up box that has in the
title of the box: Internet Explorer
The contents of the box state:
This page has an unspecified potential security flaw.  Do you want to
continue.  Yes or No

Any idea why this would happen?
The only policy settings outside of the folder redirect GPO show the
No explanation is available for this setting.
Supported On:
Not available
Default Domain Policy 
Data collected on: 5/29/2007 5:33:38 PM hide all 

Domain test.domain.edu 
Owner test\Domain testmins 
Created 10/1/2001 2:15:58 PM 
Modified 7/30/2006 8:08:30 PM 
User Revisions 1 (test), 1 (sysvol) 
Computer Revisions 21 (test), 21 (sysvol) 
Unique ID {31B2F340-016D-11D2-945F-00C04FB984F9} 
GPO Status Enabled 

Location Enforced Link Status Path 
test No Enabled test.domain.edu 

This list only includes links in the domain of the GPO.
Security Filteringhide
The settings in this GPO can only apply to the following groups, users,
and computers:Name 
NT AUTHORITY\Authenticated Users 

WMI Filteringhide
WMI Filter Name None 
Description Not applicable 

These groups and users have the specified permission for this GPOName
Allowed Permissions Inherited 
test\Domain testmins Edit settings, delete, modify security No 
test\Enterprise testmins Edit settings, delete, modify security No 
NT AUTHORITY\Authenticated Users Retest (from Security Filtering) No 
NT AUTHORITY\SYSTEM Edit settings, delete, modify security No 

Computer Configuration (Enabled)hide
Windows Settingshide
Security Settingshide
Account Policies/Password Policyhide
Policy Setting 
Enforce password history 3 passwords remembered 
Maximum password age 90 days 
Minimum password age 0 days 
Minimum password length 7 characters 
Password must meet complexity requirements Enabled 
Store passwords using reversible encryption Disabled 

Account Policies/Account Lockout Policyhide
Policy Setting 
Account lockout threshold 0 invalid logon attempts 

Account Policies/Kerberos Policyhide
Policy Setting 
Enforce user logon restrictions Enabled 
Maximum lifetime for service ticket 600 minutes 
Maximum lifetime for user ticket 72 hours 
Maximum lifetime for user ticket renewal 7 days 
Maximum tolerance for computer clock synchronization 5 minutes 

Public Key Policies/Autoenrollment Settingshide
Policy Setting 
Enroll certificates automatically Enabled 
Renew expired certificates, update pending certificates, and remove
revoked certificates Disabled 
Update certificates that use certificate templates Disabled 

Public Key Policies/Encrypting File Systemhide
Policy Setting 
Allow users to encrypt files using Encrypting File System (EFS) Enabled 

Issued To Issued By Expiration Date Intended Purposes 
testministrator testministrator 9/30/2004 2:25:46 PM File Recovery 

For testditional information about individual settings, launch Group
Policy Object Editor.
Public Key Policies/Trusted Root Certification Authoritieshide
Policy Setting 
Allow users to select new root certification authorities (CAs) to trust
Client computers can trust the following certificate stores Third-Party
Root Certification Authorities and Enterprise Root Certification
To perform certificate-based authentication of users and computers, CAs
must meet the following criteria Registered in Active Directory only 

testministrative Templateshide
System/Group Policyhide
Policy Setting 
Allow Cross-Forest User Policy and Roaming User Profiles Enabled 

User Configuration (Enabled)hide
Windows Settingshide
Remote Installation Serviceshide
Client Installation Wizard optionshide
Policy Setting 
Custom Setup Disabled 
Restart Setup Disabled 
Tools Disabled 
You can unsubscribe from gptalk by sending email to 
gptalk-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field OR by 
logging into the freelists.org Web interface. Archives for the list are 
available at http://www.freelists.org/archives/gptalk/

Other related posts: