.NET 2.0 apps think they're being run from the Internet, but they'rebeing run from the intranet...

W

WATYF

I have several .NET apps that run from network shares (and which have
done so for years). In order to make this possible, I increased the
LocalIntranet zone trust level to "FullTrust". This has always worked
just fine.

Recently, and for reasons unknown, all of my apps that run from the
intranet are giving me warnings like so:

"Microsoft .NET Security Warning - Never enter personal information or
passwords into a window unless you can verify and trust the source of
the request"

If I try to open the projects for these applications in VS.NET, I get
a warning saying that I may experience problems running the code,
because the project is on an untrusted location.

After some testing, I figured out that the applications (which have
been running for years off of my intranet shares and have always
worked just fine) now all of a sudden think that they're being run
from the internet. At the top of the form for the applications, the
Form title is prefaced with "Internet - ", and if I set the Internet
security zone to "FullTrust", then all of the problems and warnings go
away.

Obviously, I can't keep my Internet zone at FullTrust, so I need to
figure out what caused this change so I can undo it.

What's even more odd is that this is only happening on my Windows XP
machine. I have a W2K machine as well, which is also setup with the
same zone trust settings, and the code still runs just fine on that
one.

Does anyone have the slightest idea what would cause this?

WATYF
 
B

Ben Voigt [C++ MVP]

WATYF said:
I have several .NET apps that run from network shares (and which have
done so for years). In order to make this possible, I increased the
LocalIntranet zone trust level to "FullTrust". This has always worked
just fine.

Recently, and for reasons unknown, all of my apps that run from the
intranet are giving me warnings like so:

"Microsoft .NET Security Warning - Never enter personal information or
passwords into a window unless you can verify and trust the source of
the request"

If I try to open the projects for these applications in VS.NET, I get
a warning saying that I may experience problems running the code,
because the project is on an untrusted location.

After some testing, I figured out that the applications (which have
been running for years off of my intranet shares and have always
worked just fine) now all of a sudden think that they're being run
from the internet. At the top of the form for the applications, the
Form title is prefaced with "Internet - ", and if I set the Internet
security zone to "FullTrust", then all of the problems and warnings go
away.

Obviously, I can't keep my Internet zone at FullTrust, so I need to
figure out what caused this change so I can undo it.

What's even more odd is that this is only happening on my Windows XP
machine. I have a W2K machine as well, which is also setup with the
same zone trust settings, and the code still runs just fine on that
one.

Does anyone have the slightest idea what would cause this?

Are you using a drive letter or UNC path? If UNC path, using netbios name,
fqdn, or ip address to specify the server?
 
W

WATYF

Hey there... I found the cause of this... thanks for pointing me in
the right direction.

It ends up that my IT dept (in all their wisdom) changed how certain
shares were auto-mapped so that it was done using the full domain
(instead of the UNC, which is how they used to do it). If I manually
map the drive using the UNC, the problem goes away.

WATYF
 
M

Marc Gravell

For the record - ClickOnce is a better technology for this; you don't
need to make config changes at the client.

Marc
 
W

WATYF

For the record - ClickOnce is a better technology for this; you don't
need to make config changes at the client.

Marc


Thanks, but this problem wasn't related to deployment. It's just a
matter of running executables (or working with vs projects) that are
resident on a network share.


WATYF
 
B

Ben Voigt [C++ MVP]

WATYF said:
Hey there... I found the cause of this... thanks for pointing me in
the right direction.

It ends up that my IT dept (in all their wisdom) changed how certain
shares were auto-mapped so that it was done using the full domain
(instead of the UNC, which is how they used to do it). If I manually
map the drive using the UNC, the problem goes away.

And the stupid default rule Internet Explorer has for identifying "local"
network resources -- the lack of a dot in the name. This has gotten them in
big trouble before.
http://www.google.com/search?q=local+intranet+zone+dotless+IP+address

Tell IT to push out a reasonable rule for LocalIntranet that includes your
local domain.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top