Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1528
  • Last Modified:

Remove Internet Explorer security warning on terminal servers (Citrix)

Hi all!

I have a problem.
When users are searching for a telephone number or a user in Trio Present on a Citrix Desktop server a message appears in Internet Explorer:
"When you send information to the internet, it might be possible for others to see that information. do you want to continue?"

I found the registry setting that disable this message:
HCLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS\ZONES\3 and the key is 1601

Values:
0 = do not prompt
1 = Prompt with checkbox checked
101 = Prompt with checkbox unchecked

I made a script:
SET WSHShell = CreateObject("WScript.Shell")

'Removes security warning in Internet Explorer

WshShell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1601","00000000","REG_DWORD"

I have tried this script and it works, it changes the registry so the message do not appear.

I tried to link this script into the GPO for Terminal Servers (User Configuration-Windows Settings-Scripts-Logon), but when a user logs on the registry isn`t changed.
If I try to connect to a Citrix Desktop server via RDP the registry is changed, but not via Citrix. (This is because I use my admin user, not my ordinary user)

This only happens when a user connects to a Citrix desktop server.
If`I try to check the box "don`t show this message again" the message still shows up the next time I log in via Citrix to that Desktop server.

Does anyone have a clue or a solution I would be very pleased.
My customer wants this message to disappear.
0
Lazyeyes
Asked:
Lazyeyes
  • 5
  • 2
1 Solution
 
chuckyhCommented:
That key you are setting is in HKLM, try setting the one in HKCU instead. Or you can turn on loop back processing for GPO.
0
 
LazyeyesAuthor Commented:
My script points to HKCU, so I already tried that.

WshShell.RegWrite "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1601","00000000","REG_DWORD"

Also tried to point the script to HKLM, that works but HKCU still shows wrong value even if I have enabled loopback.
Something is blocking users to edit registry settings, but I have no problems changing registry settings via ICA connection.

The settings getting "restored" each time I login the second time.

0
 
chuckyhCommented:
Is the GPO applied to the citrix servers or the users? Can you run policy wizard to see which settings actually gets applied?
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
LazyeyesAuthor Commented:
The GPO is applied to the Citrix servers OU. The settings gets applied (tried with an msgbox in the script). I think the problem is that the logon script is running after the script in the GPO
0
 
LazyeyesAuthor Commented:
If I log on to the desktop server the value in registry is wrong, but if I do a gpupdate the value change in registry. Gotta be the logon script that mess things up. The strange part is that the changes isn`t saved to the registry when I log off.
0
 
LazyeyesAuthor Commented:
I found the policy that messed up the registry setting.
User Configuration- Internet Explorer Maintenance- Security/ Security Zones and Content Ratings- Security Zones and Privacy-Internet- "Submit nonecrypted form data"

Anyway, I put the registry settings into the logonscript, seems to work now.
0
 
LazyeyesAuthor Commented:
Found it out myself
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now