Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


You Should Only Open Attachments From A Trusted Source Prompt

Posted on 2010-09-01
Medium Priority
Last Modified: 2012-05-10
I have a problem where when our Terminal Server users open an attachment from Outlook, specifically, .doc; .docx; .rtf documents, they are given a prompt which says:
"You Should Only Open Attachments From A Trusted Source"
"Would you like to open the file or save it to your computer?".
"Open | Save | Cancel" (Please see my attached screen grab)
Now, the box is grayed out because it's a locked down environment. The manual fix for this environment is to remove the group policies, login as the user, try open file types it's a problem for, UN-tick the box, click open, log off, and add the group policies back.
However, does anyone know of a way to change this through group policies, registry or some sort of script?
I've spent time searching the internet and can only find articles on how to apply the manual fix. I've looked at nearly ever entry in the registry and even tried process monitor to narrow it down.
Any help you can give is greatly appreciated~
Question by:Zelxos
  • 2
  • 2
LVL 17

Assisted Solution

Spike99 earned 1000 total points
ID: 33580829
I've seen this before.

That option is grayed out for users because only administrators can change the behavior on a terminal server.  Here's how we fixed this for our terminal server users on Windows 2003:
1.  Log on to the server as a user with Administratrive rights
2.  Open Folder Options from the Control Panel
3.  Click on the File Types tab
4.  Scroll down to the file type and click on it to highlight it
5. Click on the Advanced Button
6.  Un-check the option "Confirm open after download"

Do the same for all effected file types.

In our case, we had to do this for all the Office 2007 file types like XLSX, DOCX, etc.  The settings for Office 2003 & earlier file types were OK (xls, doc, ppt, etc.).

I attached a screenshot of the dialog.  In this shot the option is checked, I would just need to uncheck it to no longer be prompted about these files.

I hope this helps,

LVL 11

Assisted Solution

marek1712 earned 1000 total points
ID: 33582171
There are another methods:
- check trusted file types in the Outlook itself:
You can use startup script to apply this registry fix.
- or you can modify the Attachment Manager settings:
change the default zone to Low Risk and add required file types to the Low Risk extensions.

Author Comment

ID: 33585603
Thank you both for your replies. I'll try these out and let you know if they work. Thanks again!
LVL 17

Expert Comment

ID: 33587116
marek1712's links would help if your attachments were being blocked by Outlook, but it doesn't look like that's the problem.  Users are just getting prompted before they can open attachments.

I don't know if there's a script or other method to use other than the one I described.  Unfortunately the TS cluster we had to do this on had over 30 servers in it and we had to repeat these steps for multiple file types on all 30.  So, it was a bit tedious, but it worked fine for us.  The users haven't complained about it since then (and that was about 8 months ago).


Accepted Solution

Zelxos earned 0 total points
ID: 33590419
Hi Alicia & Marek,
Thanks to both of  you for your replies. I should of mentioned this is a 2008 TS cluster and in 2008 the File Types tab is not there. Although I wasn't able to carry out either of your solutions with success I have found a solution.
I used Process Monitor (http://technet.microsoft.com/en-us/sysinternals/bb896645.aspx) on an Admin account and monitored from the time I opened an affected file type up to just after UN-ticking the box and clicking Open.
I filtered the 4000 results to only show operations that were "RegCreateKey" or "RegSetValue". Near the top of the list I had these results [see Process Monitor Results image].
As you can see, it first had the EditFlags value set to 00 00 00 00 and then changed it to 00 00 01 00. This is the value that gets changed so that Outlook doesn't prompt before opening the file attachment and after a bit more tinkering I figured out two ways to apply this information.

The Solution:
1. This changes it for the computer.
Create a REG_Binary registry entry under the following location for each file type/extension you want to change this for - this example is for ".docx" files:
ValueName: EditFlags
Type: REG_Binary
Value: 00 00 01 00
(changing the value to 00 00 00 00 will cause Outlook to prompt)
Word.Document.12 = .docx
Word.Document.8 = .doc
Word.RTF.8 = .rtf
Excel.Sheet.12 = .xlsx
Excel.Sheet.8 = .xls

So just replace Word.document.12 with whatever is your file type. It's not too hard to figure out which entry controls which file type/extension.

2. This changes it for the user.
Create a REG_Binary registry entry under the following location for each file extension - this example is for ".xlsx" files.
ValueName: EditFlags
Type: REG_Binary
Value: 00 00 01 00

Either of these can be applied manually, through a startup/login script, or through Group Policy preferences (which is how I've applied this).

I hope this helps someone who has this problem.

Thanks again to Alicia and Marek for your replies, I appreciate it!

Featured Post

Receive 1:1 tech help

Solve your biggest tech problems alongside global tech experts with 1:1 help.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes how to import Lotus Notes Contacts into Outlook 2016, 2013, 2010 and 2007 etc. with a few manual steps. You can easily export and migrate Lotus Notes contacts into Microsoft Outlook without having to use any third party tools.
Take a look at these 6 Outlook Email management tools which can augment the working and performance of Microsoft Outlook to give you a more rewarding emailing experience.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question