myITforum.com Community Forum myITforum.com Community Forum

Home  Forums  Blogs  Live Support chat  Search Articles  Wiki  FAQ  Email Lists  Register  Login  My Profile  Inbox  Address Book  My Subscription  My Forums 

Photo Gallery  Member List  Search  Calendars  FAQ  Ticket List  Log Out

All Forums RSS Feed Subscription:


  


Windows XP Open file Security Warning

 
View related threads: (in this forum | in all forums)

Logged in as: Guest
  Printable Version
All Forums >> [Management Products] >> System Center Products >> System Center Configuration Manager >> Windows XP Open file Security Warning Page: [1]
Login
Message << Older Topic   Newer Topic >>
Windows XP Open file Security Warning - 6/16/2008 9:00:28 AM   
lnesta431


Posts: 922
Score: 59
Joined: 1/26/2006
From: Brussels, Belgium
Status: offline 		Hi

I have a few packages that are prompting the XP Security warning when the SCCM advertisement get started.

Does anyone to workaround this or to disable this.

I have "inlcude all network paths (UNC)" checked in the security IE settings,

I also tried to enable a GPO but without success.
Local Computer Policy->User Configuration->Administrative Templates->Windows Components->Attachment Manager and enable "Default risk level for file attachments", and then enable "Inclusion list for low risk file types" and add to this list the file extensions

It looks like this GPO does not apply when running an SMS pakcage??

Anyone? Tnx Nico


_____________________________

----------
Please rate if this has helped you! Tnx!

Check out my NEW blog: http://nicosienaert.blogspot.com/
----------
Post #: 1
RE: Windows XP Open file Security Warning - 6/16/2008 10:08:35 AM  1 votes
wbracken


Posts: 1036
Score: 22
Joined: 4/12/2002
From: St. Louis
Status: offline 		I use the following script in my BDD 2.5/SMS 2003 infrastructure for that very reason. 

' =======================================================
' #  Declare variables
' =======================================================
Set oShell= CreateObject("Wscript.Shell")
Set oEnv = oShell.Environment("PROCESS")
' =======================================================
' #  Remove the file open security warning
' =======================================================
oEnv("SEE_MASK_NOZONECHECKS") = 1
' =======================================================
' #  Run process
' =======================================================
' Example - oShell.Run "WindowsInstaller-KB893803-v2-x86.exe /passive /norestart",0,True
oShell.Run "",0,True
oEnv.Remove("SEE_MASK_NOZONECHECKS")


Should at least point you in the right direction..  :)

_____________________________

William Bracken

Visit my new Blog
http://wbracken.wordpress.com/

(in reply to lnesta431)
Post #: 2
RE: Windows XP Open file Security Warning - 6/16/2008 10:35:15 AM   
lnesta431


Posts: 922
Score: 59
Joined: 1/26/2006
From: Brussels, Belgium
Status: offline 		Hi William

I saw that scripts as well.

Does it work well for you?

I'll give it a try and let you know.

Tnx mate


_____________________________

----------
Please rate if this has helped you! Tnx!

Check out my NEW blog: http://nicosienaert.blogspot.com/
----------

(in reply to wbracken)
Post #: 3
RE: Windows XP Open file Security Warning - 6/16/2008 4:37:19 PM   
rbennett806


Posts: 827
Score: 13
Joined: 6/14/2006
Status: offline 		I deploy every application using a VBScript wrapper in our environment, and that method of turning off the security warning window works just fine...

(in reply to lnesta431)
Post #: 4
RE: Windows XP Open file Security Warning - 6/16/2008 5:28:35 PM   
skissinger


Posts: 2119
Score: 134
Joined: 9/13/2001
From: Sherry Kissinger
Status: offline 		I'm just really super-super paranoid about checking the source files' .exe files before I add any distro points.  Right-click the exe files, and "unblock" them, so that ntfs bit isn't there to be replicated.  But if you've already replicated; unchecking the box now & replicating won't fix it.  The bit is set on the target distro points' ntfs, so using the script above is a good workaround.

_____________________________

mofmaster@smsexpert.com (version 2007) | http://www.smsexpert.com | http://www.sccmexpert.com
My Blog
Microsoft MVP - ConfigMgr

(in reply to rbennett806)
Post #: 5
RE: Windows XP Open file Security Warning - 6/17/2008 2:44:31 AM   
lnesta431


Posts: 922
Score: 59
Joined: 1/26/2006
From: Brussels, Belgium
Status: offline 		Hi Sherry

Sorry for my ignorance but what do you mean with unblocking an exe file via Right mouse click


_____________________________

----------
Please rate if this has helped you! Tnx!

Check out my NEW blog: http://nicosienaert.blogspot.com/
----------

(in reply to skissinger)
Post #: 6
RE: Windows XP Open file Security Warning - 6/17/2008 2:49:05 AM   
lnesta431


Posts: 922
Score: 59
Joined: 1/26/2006
From: Brussels, Belgium
Status: offline 		OK found it ;-)

Is there any reason why some exe's have it and other ones not?


_____________________________

----------
Please rate if this has helped you! Tnx!

Check out my NEW blog: http://nicosienaert.blogspot.com/
----------

(in reply to lnesta431)
Post #: 7
RE: Windows XP Open file Security Warning - 6/17/2008 6:04:53 AM  1 votes
skissinger


Posts: 2119
Score: 134
Joined: 9/13/2001
From: Sherry Kissinger
Status: offline 		From memory (it's been a few years since I looked into this), when you download a file from the internet using Internet Explorer, your Windows operating system (or was it IE?) at some hotfix / service pack level that NTFS stream was added to protect normal users by having this extra prompt to remind you that whatever it is you are about to launch came from a possibly untrusted source.

The fixes I found at the time (there may be more by now) 
  1. use a non-IE web browser (firefox for example) which doesn't do that friendly little security check.
  2. When you are downloading, save your downloads to a FAT formatted partition (like a USB stick).  A FAT or FAT32 formatted partition can't remember the NTFS streams.
  3. Use, I think it was from sysinternals, a 'Streams' executable to delete streams
  4. Or right-click and check the .exe's Block status and unblock.

One of the problems for us as admins is if you forget to clear the stream before replication, you've replicated the stream-enabled version to your DPs, so you have to remove the stream from each DP.  Removing the stream from the source & re-replicating (if I recall) isn't enough because the destination already has the stream it won't delete it like that.  So that's why William's script is a great alternative.

_____________________________

mofmaster@smsexpert.com (version 2007) | http://www.smsexpert.com | http://www.sccmexpert.com
My Blog
Microsoft MVP - ConfigMgr

(in reply to lnesta431)
Post #: 8
RE: Windows XP Open file Security Warning - 6/17/2008 7:21:32 AM   
lnesta431


Posts: 922
Score: 59
Joined: 1/26/2006
From: Brussels, Belgium
Status: offline 		William

Thanks to convince me and to share your experience with the script!

Sherry

Thanks for making this clear! I work already for year with SMS and packages and never noticed it!
Can you believe it?? ;-)

Thanks

Nico


_____________________________

----------
Please rate if this has helped you! Tnx!

Check out my NEW blog: http://nicosienaert.blogspot.com/
----------

(in reply to skissinger)
Post #: 9
Page:   [1]
All Forums >> [Management Products] >> System Center Products >> System Center Configuration Manager >> Windows XP Open file Security Warning Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts



  
Forum Software © ASPPlayground.NET Advanced Edition 2.4.5 ANSI

0.270