W2K3 security warning when running batch file

[Guest]

I have a Win2k3 server on which I run a couple of batch files. With Win2k,
no problem. It pops up a dialog box warning me of the
perils of such files. How can I kill this dialog box?

Previous thread has this fix for XP, however Windows2003 does not have this
entry in group policy:

To disable the warning start the Group Policy Editor (Start > Run, type
-gpedit.msc- and press OK) and go to:
-User Configuration > Administrative Templates > Windows Components >
Attachment Manager- then set -Inclusion list for low file types- to
Enabled and enter the file types you don't want to be warned about in
the box (for example: .exe).

 

[Michael Bednarek]

I have a Win2k3 server on which I run a couple of batch files. With Win2k,
no problem. It pops up a dialog box warning me of the
perils of such files. How can I kill this dialog box?

[snip]

I run plenty of batch files on NT5.2 servers, and I never see such
warnings. How exactly do you run these batch files?
Explorer+Double-Click? Start/Run...? From a command console? If so,
which one (cmd, command, 4NT, ...)? Where are these batch files? Per
chance on a mapped network share? If so, add the server name to the
"Local intranet" or "Trusted sites" in IE.

 

[Guest]

It was a network location, and adding the server to the "Local intranet" or
"Trusted sites" in IE did not work. What did work was in Internet Settings,
Security tab, Internet zone, Custom Level, changed "Launching applications
and unsafe files" to enabled, instead of prompt.

I have a Win2k3 server on which I run a couple of batch files. With Win2k,
no problem. It pops up a dialog box warning me of the
perils of such files. How can I kill this dialog box?

[snip]

I run plenty of batch files on NT5.2 servers, and I never see such
warnings. How exactly do you run these batch files?
Explorer+Double-Click? Start/Run...? From a command console? If so,
which one (cmd, command, 4NT, ...)? Where are these batch files? Per
chance on a mapped network share? If so, add the server name to the
"Local intranet" or "Trusted sites" in IE.

 

[Michael Bednarek]

It was a network location, and adding the server to the "Local intranet" or
"Trusted sites" in IE did not work. What did work was in Internet Settings,
Security tab, Internet zone, Custom Level, changed "Launching applications
and unsafe files" to enabled, instead of prompt.

That's odd - and IMHO rather unsatisfactory: I definitely wouldn't want
to enable "Launching applications and unsafe files" for the Internet
zone on my servers.

What exactly did you enter into the "Local intranet"'s box "Add this
website to the zone:"? The entry here is: file://servername and that
seems to work.

I have a Win2k3 server on which I run a couple of batch files. With Win2k,
no problem. It pops up a dialog box warning me of the
perils of such files. How can I kill this dialog box?

[snip]

I run plenty of batch files on NT5.2 servers, and I never see such
warnings. How exactly do you run these batch files?
Explorer+Double-Click? Start/Run...? From a command console? If so,
which one (cmd, command, 4NT, ...)? Where are these batch files? Per
chance on a mapped network share? If so, add the server name to the
"Local intranet" or "Trusted sites" in IE.

 

[David Wang [Msft]]

This is actually a security feature. The dialog box pops up whenever you
access a resource from the network (i.e. via UNC share).

How you work with this feature:
1. Undo the security feature with your configuration
2. Add that particular server to the Trusted sites (Add file://server to the
trusted zone)
3. Add explicit program in front of the network resource (i.e. CMD /C
\\server\share\batch.cmd )


Personally, I recommend #2 or #3. #2 can be automated on OS install and
ensures that your server is only running remote resources from specified
locations. #3 may require some changes to scripts, but in the long run, it
works out.

--
//David
IIS
This posting is provided "AS IS" with no warranties, and confers no rights.
//

It was a network location, and adding the server to the "Local intranet" or
"Trusted sites" in IE did not work. What did work was in Internet Settings,
Security tab, Internet zone, Custom Level, changed "Launching applications
and unsafe files" to enabled, instead of prompt.

That's odd - and IMHO rather unsatisfactory: I definitely wouldn't want
to enable "Launching applications and unsafe files" for the Internet
zone on my servers.

What exactly did you enter into the "Local intranet"'s box "Add this
website to the zone:"? The entry here is: file://servername and that
seems to work.

I have a Win2k3 server on which I run a couple of batch files. With Win2k,
no problem. It pops up a dialog box warning me of the
perils of such files. How can I kill this dialog box?

[snip]

I run plenty of batch files on NT5.2 servers, and I never see such
warnings. How exactly do you run these batch files?
Explorer+Double-Click? Start/Run...? From a command console? If so,
which one (cmd, command, 4NT, ...)? Where are these batch files? Per
chance on a mapped network share? If so, add the server name to the
"Local intranet" or "Trusted sites" in IE.