How to turn off the Unknown Publisher warning when opening an executable file from a mapped drive.
Have you ever wondered why Windows prompts you with this warning when running a common file from your network that you are sure is safe? It can happen in a variety of Windows Operating Systems, Windows Server 2008 R2, Windows NT and Windows 7.
This behavior is very important when you are downloading a new file from the internet and you don’t know if the file is safe, but a waste of time when it is a file on your LAN, or one you use on a regular basis and are sure that it is authentic and safe.
Notice there is no check-box on the dialog letting you bypass this warning for the same file in the future. The good news is that you can modify this behavior very easily by making a simple change to the Windows Group Policy. Please use this with caution, the message is being displayed for a reason and it should not be ignored under certain circumstances. The problem with this warning, is that on certain devices, the warning isn’t displayed properly, and you are stuck with no way to proceed with your installation.
This Unknown Publisher warning can happen on Windows XP SP2 and above, Windows 2003 R2 / Windows 2008 R2 and above, Windows Vista, and Windows 7. It can be be a real show stopper on devices such as Pro-Palms or other Terminal Services (now known as Remote Desktop Services) environments because in the seamless window is unpredictable, it will either it prompts for the security error, deny access, or sometimes the prompt gets lost behind another screen where you cannot see it.
To fix the problem first change the group policy on the server then add the mapped drives into the security zone.
Change Group Policy
- Run gpedit.msc on the terminal server
- Locate the setting Computer Configuration, Administrative Templates, Internet Explorer, Security Zones: Use only machine settings, and set the option to “Enabled”
- Note – this will make the IE zone settings the same for all users on the computer
Add UNC paths to Security Zone
- Log in as an administrator on the terminal server
- Click Start → Run → and type inetcpl.cpl
- On the Security tab highlight Local intranet and click Sites
- Make sure the Automatically detect intranet network is unchecked
- Make sure Include all network paths (UNCs) is checked
- Click Advanced
- In the Add this website to the zone box, one at a time type every letter from f: through z: and click add. If the drive is mapped it will add in a UNC in the pattern file://VOLUME_NAME
- When you are done close out and save your changes.
This should eliminate the Unknown Publisher warning dialog and problems that it causes on many devices. Special thanks to Mike Bianco, my brother for finding this solution. I hope that someone else can make use of this solution! If you found this article useful and it is appropriate please consider visiting my sponsors to help me support the bandwidth required for some of these popular articles. As of now I’m on the bench and available for PowerBuilder and/or Silverlight work… thank you…
Sincerely, The DisplacedGuy (a.k.a. Rich)