• Home
  • About 404TS
  • Contact

404 Tech Support

Where IT Help is Found

  • Articles
    • Code
    • Entertainment
    • Going Green
    • Hardware, Gadgets, and Products
    • Management
    • Network
    • News
    • Operating Systems
    • Security and Privacy
    • Software
    • System Administration
    • Talking Points
    • Tech Solutions
    • Web
    • Webmaster
  • Reviews
  • Media
    • Infographics
    • Videos
  • Tech Events
  • Tools
    • How do I find my IP address?
    • Browser and plugin tests
  • Get a Technical Consultation
You are here: Home / Articles / Code / Windows Open File Security Warning interferes with automated install script

Windows Open File Security Warning interferes with automated install script

2012-02-21 by Jason

I recently encountered a script (.vbs) that automated a number of steps taken to install the necessary applications onto a fresh computer. The script would first identify if the OS was 32-bit or 64-bit and then run the appropriate script to install compatible apps. Designed with a modular approach, the 32-bit/64-bit script would launch a series of scripts for each application so it could be updated, documented, separately. Unfortunately with the move to a different server, a Windows “Open File – Security Warning” prompt showed up with the launch of every script and executable. The (nearly) unattended script had become much less useful as a result and I had to look into options to make this security “feature” far more manageable.

“Do you want to open this file?”

“While files from the Internet can be useful, this file type can potentially harm your computer. If you do not trust the source, do not open this software. What’s the risk?”

Having encountered this before, my first assumption was to check the properties of the files after the move and ‘unblock’ each file. ‘Unblock’ wasn’t an option, permissions were correct, and taking ownership of the file did not resolve the issue. A quick search of the web came up with a suggestion to use SysInternals’ Streams or Nirsoft Alternate Data Streams utilities to view and remove the files’ streams that said it was from another computer (the Internet). Both utilities confirmed that the files did not have any streams metadata attached. Another approach suggested in that thread is to compress all the files into a single .zip file and then unblock the .zip. Once you extract the files to where you want them, they will be unblocked. This took a long time and did not solve my problem.

After some testing from a different angle, I confirmed the problem was resolved when I added the UNC path of the server share to Internet Explorer’s Intranet Zone. This could be set via Group Policy but that depends on the workflow if the script is run after it is connected to the domain or before. The setting is under:

Computer Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page -> Site to Zone Assignment List: Enabled Then click the Show button – and add the appropriate Name and Value – eg: \server.fqdn.local with a value of 1 for Intranet Zone

Finally, I found the solution that I ended up going with. It’s always the last place you look (mostly because you stop looking). Microsoft KB article 889815 discusses my exact issue. Their suggested workaround is to set a flag that bypasses the IE security zone checks while your script is running and then removes the flag at the end of your script.

'Run this segment at the beginning of your script
set oShell= CreateObject("Wscript.Shell")
set oEnv = oShell.Environment("PROCESS")
oEnv("SEE_MASK_NOZONECHECKS") = 1

'Run your code in the middle
oShell.Run "c:ms04-038WindowsXP-KB834707-x86-enu /quiet /passive /norestart",0,True

'At the end of the script, remove the variable you set earlier.
oEnv.Remove("SEE_MASK_NOZONECHECKS")

The other suggested workaround is to run your code using a command script instead. (Thanks…)

Fortunately, I was able to implement their suggested code and it worked to solve the problem I was facing. You are now able to run the script, answer the first prompt, and walk away for 20 minutes while the various installs progress unattended.

Filed Under: Code, System Administration

Trending

  • Product Review: Logitech Harmony One – A Smart Universal Remote
    In Entertainment, Hardware, Gadgets, and Products, Reviews
  • Enable Windows 10 firewall to install fonts
    In Tech Solutions
  • How to Permanently Disable the DiggBar
    In Media, Tech Solutions

Latest Media Posts

Find Out Where To Download SNES ROMs

Find Out Where To Download SNES ROMs

Multifunctional Video Conversion Tools – Wondershare Video Converter

Multifunctional Video Conversion Tools – Wondershare Video Converter

  • Popular
  • Latest
  • Today Week Month All
  • How to ‘Unblock’ multiple files at a time with PowerShell How to 'Unblock' multiple files at a time with PowerShell
  • Increase IIS Private Memory Limit to improve WSUS availability Increase IIS Private Memory Limit to improve WSUS availability
  • SOLVED: “This modification is not allowed because the selection is locked.” SOLVED: "This modification is not allowed because the selection is locked."
  • Configure Outlook to recurring appointments for the last weekday of the month Configure Outlook to recurring appointments for the last weekday of the month
  • Creating and editing views in phpMyAdmin Creating and editing views in phpMyAdmin
  • 3d rendering circuit cloud for cloud computing technology Build and Deploy a Modern Web 3.0 Blockchain App in 2022
  • Telecom Application Development: When to Outsource Telecom Application Development: When to Outsource
  • Printer printing document wirelessly from mobile phone or smartphone wifi connection vector flat cartoon illustration, file air print on fax or ink jet via cellphone bluetooth modern design Why Your Business Needs Online Fax Services In 2022
  • 6 Best Ways to Protect Your Business Account 6 Best Ways to Protect Your Business Account
  • How to download videos from Instagram How to download videos from Instagram
Ajax spinner

Elevator Pitch

404 Tech Support documents solutions to IT problems, shares worthwhile software and websites, and reviews hardware, consumer electronics, and technology-related books.

Subscribe to 404TS articles by email.

Recent Posts

  • Build and Deploy a Modern Web 3.0 Blockchain App in 2022
  • Telecom Application Development: When to Outsource
  • Why Your Business Needs Online Fax Services In 2022

Search

FTC Disclaimer

404TechSupport is an Amazon.com affiliate; when you click on an Amazon link from 404TS, the site gets a cut of the proceeds from whatever you buy. This site also uses Skimlinks for smart monetization of other affiliate links.
Use of this site requires displaying and viewing ads as they are presented.

Copyright © 2022 · Magazine Pro Theme on Genesis Framework · WordPress · Log in