How to turn off the Unknown Publisher warning when opening an executable file from a mapped drive.

Have you ever wondered why Windows prompts you with this warning when running a common file from your network that you are sure is safe?  It can happen in a variety of Windows Operating Systems, Windows Server 2008 R2,  Windows NT and Windows 7.

This behavior is very important when you are downloading a new file from the internet and you don’t know if the file is safe, but a waste of time when it is a file on your LAN, or one you use on a regular basis and are sure that it is authentic and safe.

Notice there is no check-box on the dialog letting you bypass this warning for the same file in the future.  The good news is that you can modify this behavior very easily by making a simple change to the Windows Group Policy.  Please use this with caution, the message is being displayed for a reason and it should not be ignored under certain circumstances. The problem with this warning, is that on certain devices, the warning isn’t displayed properly, and you are stuck with no way to proceed with your installation.

This Unknown Publisher warning can happen on Windows XP SP2 and above, Windows 2003 R2Windows 2008 R2 and above, Windows Vista, and Windows 7.  It can be be a real show stopper on devices such as Pro-Palms or other Terminal Services (now known as Remote Desktop Services) environments because in the seamless window is unpredictable, it will either it prompts for the security error, deny access, or sometimes the prompt gets lost behind another screen where you cannot see it.

To fix the problem first change the group policy on the server then add the mapped drives into the security zone.

Change Group Policy

  • Run gpedit.msc on the terminal server
  • Locate the setting Computer Configuration, Administrative Templates, Internet Explorer, Security Zones: Use only machine settings, and set the option to “Enabled”
  • Note – this will make the IE zone settings the same for all users on the computer

Add UNC paths to Security Zone

  • Log in as an administrator on the terminal server
  • Click StartRun → and type inetcpl.cpl
  • On the Security tab highlight Local intranet and click Sites
  • Make sure the Automatically detect intranet network is unchecked
  • Make sure Include all network paths (UNCs) is checked
  • Click Advanced
  • In the Add this website to the zone box, one at a time type every letter from f: through z: and click add. If the drive is mapped it will add in a UNC in the pattern file://VOLUME_NAME
  • When you are done close out and save your changes.

This should eliminate the Unknown Publisher warning dialog and problems that it causes on many devices.  Special thanks to Mike Bianco, my brother for finding this solution.  I hope that someone else can make  use of this solution!  If you found this article useful and it is appropriate please consider visiting my sponsors to help me support the bandwidth required for some of these popular articles.  As of now I’m on the bench and available for PowerBuilder and/or Silverlight work… thank you…

Sincerely, The DisplacedGuy (a.k.a. Rich)

20 Responses

  1. Howdy there,I discover that your site is quite instructive and useful and we wonder if there is really a possibility of obtaining More writing like this on your weblog. If you willing to support us out, we will be willing to compensate you… Sincerely, Sydney Lusty

  2. Good points…I would note that as someone who really doesn’t write on blogs much (in fact, this may be my first post), I don’t think the term “lurker” is very becoming to a non-posting reader. It’s not your fault in the least , but perhaps the blogosphere could come up with a better, non-creepy name for the 90% of us that enjoy just reading the content .

  3. Thanks a lot for sharing this with all folks you actually understand what you’re talking approximately! Bookmarked. Please additionally talk over with my web site =). We could have a link exchange arrangement among us

Leave a Reply

Your email address will not be published. Required fields are marked *