How to turn off the Unknown Publisher warning when opening an executable file from a mapped drive.
Have you ever wondered why Windows prompts you with this warning when running a common file from your network that you are sure is safe? It can happen in a variety of Windows Operating Systems, Windows Server 2008 R2, Windows NT and Windows 7.
This behavior is very important when you are downloading a new file from the internet and you don’t know if the file is safe, but a waste of time when it is a file on your LAN, or one you use on a regular basis and are sure that it is authentic and safe.
Notice there is no check-box on the dialog letting you bypass this warning for the same file in the future. The good news is that you can modify this behavior very easily by making a simple change to the Windows Group Policy. Please use this with caution, the message is being displayed for a reason and it should not be ignored under certain circumstances. The problem with this warning, is that on certain devices, the warning isn’t displayed properly, and you are stuck with no way to proceed with your installation.
This Unknown Publisher warning can happen on Windows XP SP2 and above, Windows 2003 R2 / Windows 2008 R2 and above, Windows Vista, and Windows 7. It can be be a real show stopper on devices such as Pro-Palms or other Terminal Services (now known as Remote Desktop Services) environments because in the seamless window is unpredictable, it will either it prompts for the security error, deny access, or sometimes the prompt gets lost behind another screen where you cannot see it.
To fix the problem first change the group policy on the server then add the mapped drives into the security zone.
Change Group Policy
- Run gpedit.msc on the terminal server
- Locate the setting Computer Configuration, Administrative Templates, Internet Explorer, Security Zones: Use only machine settings, and set the option to “Enabled”
- Note – this will make the IE zone settings the same for all users on the computer
Add UNC paths to Security Zone
- Log in as an administrator on the terminal server
- Click Start → Run → and type inetcpl.cpl
- On the Security tab highlight Local intranet and click Sites
- Make sure the Automatically detect intranet network is unchecked
- Make sure Include all network paths (UNCs) is checked
- Click Advanced
- In the Add this website to the zone box, one at a time type every letter from f: through z: and click add. If the drive is mapped it will add in a UNC in the pattern file://VOLUME_NAME
- When you are done close out and save your changes.
This should eliminate the Unknown Publisher warning dialog and problems that it causes on many devices. Special thanks to Mike Bianco, my brother for finding this solution. I hope that someone else can make use of this solution! If you found this article useful and it is appropriate please consider visiting my sponsors to help me support the bandwidth required for some of these popular articles. As of now I’m on the bench and available for PowerBuilder and/or Silverlight work… thank you…
Sincerely, The DisplacedGuy (a.k.a. Rich)
[…] Prev […]
nice post. thanks.
Howdy there,I discover that your site is quite instructive and useful and we wonder if there is really a possibility of obtaining More writing like this on your weblog. If you willing to support us out, we will be willing to compensate you… Sincerely, Sydney Lusty
Hello could I reference some of the material from this entry if I provide a link back to your site?
Yes, absolutely that would be fine. Thank you for asking.
Sorry it took me so long to reply.
cant beleive i stumbled onto your post..thanks so much!!! i am going to have to sign up 2 ur RSS feed so i can keep updated with your post…thanks Again
It was some good information that you posted.
Where did you research this? 🙂
Super site, and nice text.
Thank you for taking the time to discuss this, I feel strongly about information and love learning more on this. If possible,it is very helpful for me.
Hi this is amazing site! really perfect and it will be a new inspirations for me
Nice Post. This is really very good article. I noticed all your important points. Thanks!!
Really nice and impressive blog i found today.
Good points…I would note that as someone who really doesn’t write on blogs much (in fact, this may be my first post), I don’t think the term “lurker” is very becoming to a non-posting reader. It’s not your fault in the least , but perhaps the blogosphere could come up with a better, non-creepy name for the 90% of us that enjoy just reading the content .
I was seeing some new errors on my operaing system, i was thinking its a virus attack but it some thing else. Thanks for share your content, its very helpful for all.
I think your article is very useful, i can learn a lot.
I am sorry but I could not get it to work. The Locate the setting under “Change Group Policy” does not look the same on my Windows 7 Pro 64-bit computer.
hi.thank for your solution.its solves my problem.
Thanks a lot for sharing this with all folks you actually understand what you’re talking approximately! Bookmarked. Please additionally talk over with my web site =). We could have a link exchange arrangement among us
From the standpoint of a developer of software that gets that message, though, the correct solution is to sign the code with a Code Signing Certificate.