[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

icacls permissions suddenly seems to change for certain workstations in domain

Posted on 2014-04-09
6
Medium Priority
?
552 Views
Last Modified: 2014-04-24
AD-domain on 2003-servers
Windows 7 workstations defined in AD
Users is logging on domain, and local non-admin rights

The last weeks I have stuggled with user-permissions on desktop and taskbar links (and other files too).
Issue havn't been reported at all before ca 4 weeks ago.

The user/workstation can run fine for a couple of days, the suddenly for only some users/workstations it seems  that the user-rights to desktop-links aso is changed.
The users are prompted for:

"Open File - Security Warning"

Seems to be related to the workstation, when the user logs on to an other the workstation, the Issue is not there.

Have read a lot of topics how to partly solve the Issue on relevant folders by t.ex:

C:\Users\Public\Desktop>ICACLS *.LNK /L /SETINTEGRITYLEVEL MED

which solve the Issue for actual shorcuts, but when users create a new shortcut, the Issue persists for this new shortcut.

I'll really like to find the Cause to this Issue, hope someone can guide me where to search.
0
Comment
Question by:olefisk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 13

Expert Comment

by:Santosh Gupta
ID: 39988454
Hi,

Please try below...

Close internet explorer
Open up a cmd prompt
cd "\Program Files\Internet Explorer"
set SEE_MASK_NOZONECHECKS=1
iexplore

http://earthwithsun.com/questions/595211/removing-the-open-file-security-warning-in-windows-8
0
 

Author Comment

by:olefisk
ID: 39989814
Hi Santosh

Thanks for the reply.
Sorry doesn't seem to help (done it on both iexplore-64 and iexplore-32).

t.ex. when copying the link "Windows media player" from start-menu to desktop, and when clicking the desktop-shortcut the warning still comes up.

By the way, have You any Idea what can cause the changes to some workstations ?
0
 
LVL 13

Accepted Solution

by:
Santosh Gupta earned 2000 total points
ID: 39989880
Hi,

Not sure why this happens. pls try below and revert.

http://www.ehow.com/how_5804009_disable-security-warning-windows-xp.html
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:olefisk
ID: 39990072
Hi again Santosh.

Thank You, seems to solve the Issue.

Have investigated on the differences on users/workstations, which do or do not have the Issue.

A clue seems to be users/workstations, which have the Issue, can be users who have their "my documents" folder moved to a mapped network-share.
Does that seem reasonable ?
0
 
LVL 13

Assisted Solution

by:Santosh Gupta
Santosh Gupta earned 2000 total points
ID: 39990251
Ohh is this the case. yes it may.

try this solution.
•Go to Control Panel -> Internet Options -> Security -> Local Intranet -> Sites -> Advanced
•Add the mapped drive or UNC path (\\machine or network loccation)
0
 

Author Comment

by:olefisk
ID: 40021291
Hi Santosh

Sorry for the late reply, have tested a lot, stopped by the Eastern hollidays, and tested further the last days.
Your last reply seems to solve the Issue for the users with Documents folder placed on a mapped network-share.
Had still a few users which havn't mapped their Documents-folder, but they are solved via changing the security-Policy.

So Issue seems to be solved, but still annoying that I don't know what causes the Issue.

Thank You very much for Your help
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes Administrators rights are not enough. These cases call for the SYSTEM account. The process in this article outlines the steps required to execute commands using the SYSTEM account.
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question