SBS 2011 Internet Explorer security too high

Posted on 2011-02-18
Last Modified: 2012-05-11
I want to know how to completely eliminate any security pop ups from browsing on IE8 on my SBS 2011 standard server. I mean eliminate those ADD/CLOSE dialog boxes that pop up and get in the way of everything you are trying to do.

I understand the risks already, that's not what this question is about.

Question by:dgrenda
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 58

Accepted Solution

Cliff Galiher earned 500 total points
ID: 34929505
The solution is to open "Server Manager" (not the SBS console) and click on the link to manage "ESC" for IE. From there you can turn on or off ESC for administrators or all users.


Author Comment

ID: 34935060
On an important (to me) question I asked some time ago, I was receiving comments from an individual whose english was terrible and more importantly whose comments were completely ridiculous and counter-productive. I actually thought I was being messed with. It was frustrating in the face of what I needed to get done.

After a couple of time wasting comments I replied to this individual and told him to quit wasting my time and not to use this forum to practice his english. One of you moderators came down very hard on me for offending this individual's feelings and reminded me that the experts are here out of the goodness of their hearts and I should remember that or take a hike.

Now the tables are turned and once again it's the favored "expert" who is supported after actually insulting me.

I apologize to all involved here. I realize now that I have misunderstood the way this place works and what my premium membership actually entitles me to. I missed the fine print about insiders and outsiders.

I will ignore future insults and just concentrate on getting my questions answered. However I will not award this individual any points for the hassle he has caused me.

Again, apologies and I will refrain from any extraneous interaction and ignore any such from your experts.

Author Closing Comment

ID: 34937856
In the interest of moving forward, here are the points awarded. I just didn't appreciate being made to look stupid. This entire website is based on people's ability to ask all sorts of questions. What's the use if you are going to be insulted as stupid for asking?

Anyway, I appreciate the site for those folks who are truly helpful. I will limit any future off topic discussion and will ignore any such discussion given to me.

So I apologize for my portion of the issue. I appreciate the assistance.
LVL 58

Expert Comment

by:Cliff Galiher
ID: 34938773
Since my original answer was (understandably) edited, I want to reiterate that while my answer is the correct process to disable ESC, I also think disabling it is a *very bad* idea.

It was never my intention to make you "look stupid." I do use sarcasm as an instructional tool and I realize that rubs some people the wrong way. Browsing from a server is something I happen to be particulary passionate about so I posted my response as I did to drive home a point. I write my responses not just for the questioner, but also understanding that EE encourages users to search for other questions before posting their own and this questoin could be viewed by others. As such, even if you understand the risks of browsing from the server, the next person reading this questoin (and answer) may not, so I want my answer (And hence this follow-up) to be *VERY CLEAR* on the point that, while it can be done, it is rarely (if ever) a good idea.

I genuinely cannot think of a single situation where I'd want to browse on the server. Downloading patches can be done from a workstation and saved to the server or saved to a USB key. Searching error messages or event viewer links can be done from a workstation as well. Even Microsoft's support site can serve up the occasional banner ad, and banner ads can carry malicious code. I just cannot in good conscience recommend browsing from the server under any circumstance.

With that said, if there were truly a unique circumstance where it was required, I still wouldn't turn off ESC. IE ESC provides a sandbox that protects the OS from IE. Disabling IE essentially removes that sandbox which means any exploit of Active-X, Java, Flash, or similar now has direct access to the OS. If I were required to browse from the server, I'd grab a portable browser so it left no install footprint and use one that didn't have add-ons or, most notably, Active-X. As of today, my choice would be a portable version of Chrome, which I always have on a USB key as part of my toolbox, but that may change as newer browser editions surface and their security footprint changes.

So I hope that better explains my position, why I posted as I did, and provides some additional information for anybody who happens to read this questions. As far as the personal contention, I apologize for my part in that my sarcasm was easily misunderstood. I could have done a better job of explaining my position in my initial answer.


Featured Post

Free NetCrunch network monitor licenses!

Only on Experts-Exchange: Sign-up for a free-trial and we'll send you your permanent license!

Here is what you get: 30 Nodes | Unlimited Sensors | No Time Restrictions | Absolutely FREE!

Act now. This offer ends July 14, 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Make the most of your online learning experience.
Sending a Secure fax is easy with eFax Corporate ( First, just open a new email message. In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question