Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Friday, July 27, 2007 11:52 AM
In XP/2003 I can turn off the "Internet Explorer Enhanced Security Configuration is enabled" in IE in the Add/Remove programs.
How do I do this in Windows Server 2003 / Longhorn?
Ian
All replies (35)
Friday, July 27, 2007 11:57 AM ✅Answered | 21 votes
Found it finally.
Go to Server Manager
Click the top item in the tree to the left "Server Manager"
On the page that appears, go to "Security Information"
Look for "Configure IE ESC" on the right.
Perhaps IE ESC could be renamed to "IE Security"
Sunday, October 7, 2007 11:21 AM | 3 votes
Why is not just in ....Internet explored security options.....DUH ...another common sense out the window scenario.....
It shoud be a checkbox on the main security tab......you are welcome Microsoft....please send me a check.....
Saturday, April 12, 2008 7:41 PM
This hiding of features is what bugs me about Vista and Server 2008. Things that used to be easy to find are scattered around.
A matrix or search tool of how it was done in a prior OS and the same task is done in the current OS would lead to better adaption of Vista and 2008.
For example there is no Add/Remove Programs an Windows Features in 2008 like it is in 2003, XP Pro, 2000 or Win98. Moving it to features at least requires a breadcrumb in the prior location.
Stuff that was so easy with a Right click Properties is now 3-4 more layers down.
Thursday, July 8, 2010 3:14 AM | 3 votes
I have just installed Server 2008 for the first time. But the documentation is still of Server 2003 vintage.
res://iesetup.dll/IESechelp.htm#manage on my system says:
Go to Control Panel and then Add or Remove Programs. I assume it's Program and Features.
Then it says go to Add/Remove Windows Components. I assume it's now Turn Windows features on or off.
Well, it's nowhere to be found under Turn Windows features on or off.
Thursday, July 8, 2010 10:47 AM
On Thu, 8 Jul 2010 03:14:44 +0000, K.Kong wrote:
I have just installed Server 2008 for the first time.? But the documentation is still of Server 2003 vintage.
res://iesetup.dll/IESechelp.htm#manage on my system says:
Go to Control Panel and then?*Add or Remove Programs*.? I assume it's*Program and Features*.
Then it says go to *Add/Remove Windows Components*.? I assume it's now*Turn Windows features on or off*.
Well, it's nowhere to be found?under *Turn Windows features on or off*.
Open Server Manager. Look at the far right side of the section labeled
Security Information.
Paul Adare
MVP - Identity Lifecycle Manager
http://www.identit.ca
Thursday, July 8, 2010 11:17 AM
Sorry to confuse. I did see the answer by Ian Vink. Posted my message hoping that the powers that be see it and will update the doucmentation.
Friday, July 16, 2010 1:15 PM
After setting both admins and users to off, users found in Remote Desktop group on our Terminal Services Server still has IESC enabled. Is there any other places to check? GPO shows no added config for IESC. It's running win2008 ent 32-bit.
Friday, July 16, 2010 1:52 PM
fixed by adding local gpo.
Thursday, February 10, 2011 1:52 PM
On Server 2003, this option is the best way to disable enhanced security on I.E.
T Beaucage
Friday, June 10, 2011 11:43 PM | 8 votes
Fuck you microsoft. yet another asshole move. Lets make it really fucking frustrating....
Monday, July 11, 2011 1:11 PM | 3 votes
Remove "Internet Explorer Enhanced Security" using Add\Remove programs Don't bother to try and configure it.
Wednesday, August 17, 2011 3:40 AM | 13 votes
This is for windows server 2003.
To enable/Disable Internet Explorer Enhanced Security Configuration
- Open Control Panel, click Add or Remove Programs, and then click Add/Remove Windows Components.
- Select Internet Explorer Enhanced Security Configuration, and then do one of the following:
- To apply the Internet Explorer Enhanced Security Configuration to both administrators and all other users, click Next.
- To apply the Internet Explorer Enhanced Security Configuration to only one of these groups (either administrators or users who are not in an Administrators group), click Details, select either For administrator groups or For all other user groups.
- Click Next, and then click Finish.
- Restart Internet Explorer to apply the enhanced security settings.
Monday, August 22, 2011 8:55 PM | 1 vote
Fuck you microsoft. yet another asshole move. Lets make it really fucking frustrating....
I find this sentiment to NOT BE ABUSIVE and is an accurate summary of the situation.
Thank you WindowsBlows if only our squeeky little voices made a difference.
My observation is this: Even after disabling IE ESC as described above I am reminded with EVERY SINGLE page
that IE ESC is not turned on with a large yellow bar at the top. Which is really annoying. Would love to turn off the yellow bar.
I find some obscure thing called f i r e f o x and c h r o m e working really well and frustration free.
I want less frustration.
Also grateful that no M V P's appeared to answer. Those answers are never solutions at all, EVER.
Saturday, September 17, 2011 3:56 PM | 1 vote
Without a doubt the single most annoying time consuming feature built into Windows.
Wednesday, September 21, 2011 11:58 PM | 1 vote
Fuck you microsoft. yet another asshole move. Lets make it really fucking frustrating....
I find this sentiment to NOT BE ABUSIVE and is an accurate summary of the situation.
Thank you WindowsBlows if only our squeeky little voices made a difference.
My observation is this: Even after disabling IE ESC as described above I am reminded with EVERY SINGLE page
that IE ESC is not turned on with a large yellow bar at the top. Which is really annoying. Would love to turn off the yellow bar.
I find some obscure thing called f i r e f o x and c h r o m e working really well and frustration free.
I want less frustration.
Also grateful that no M V P's appeared to answer. Those answers are never solutions at all, EVER.
The real problem here, unfortunately, is not Microsoft. I would love to blame them, but frankly it is not their fault this time.
Remember that lawsuite a while back? Some company with a poor server administrator who had no clue how to secure his server ended up suing Microsoft for "not being secure". So now we have Microsoft having to tow down to the layers so they don't get sued again.
And that means making everything way too difficult for those of us who understand exactly what we are doing and why we are doing it -- and bearing in mind the what's and why's have decided we do not want certain security features enabled in our environments.
Take them to court now and all they have to do is say the "made it very difficult to disable security features" and the jerk suing them "intentionally bypassed system safety measures"
Tuesday, October 4, 2011 7:23 AM
Hello all. I have the same problem with my SEPM. The problem come from firewall in my case. I using Isa server 2004. I make a rule who allow all outbound traffic from "Computer" sepm-hostname/ip address (this is object in firewall who have to be created from the appropriate menu) to External network.
Everything run smoothly. No more error = 4 or 2.
For future use. Almost 99% of the returned error 4 or 2 is related to firewalls.
Good luck to all and sorry for may pure English.
Tuesday, November 29, 2011 1:44 AM
Is there a "Server Manager" in Windows Server 2003???
It seemed like your original question pertained to Server 2003....
Bob K
Monday, January 9, 2012 4:46 PM
This is amazingly difficult. Is there a single definitive list that says exactly what to do?
Friday, January 20, 2012 9:33 PM
Rudhra1 gave the definitive answer on Wednesday, August 17, 2011 3:40 AM
Thank you Rudhra1
Thursday, February 16, 2012 3:09 PM
Instead of complaining, perhaps an alternate solution is for you to develop your own web browser. You design it to your satisfaction and deal with security issues yourself. If you don't like IE, make your own path.
Friday, April 6, 2012 2:20 AM
sorry about the propose un-propose - thought it referred to what i was writing - i have disabled IE ESC so that all web pages open without its check - i did it thus _ went to control panel>programs and features>turn windows features on and off> security information>configure IE ESC - here is the option to turn on and off for administrator and/or users - after my doing this it was removed from IE and as mentioned web pages open without the pop up of ESC
Monday, April 30, 2012 10:00 PM
Can someone explain this screen shot... Server Manager says its off, but the browser says (and behaves as if) its on...
When logged in as THE Administrator the setting is honored, but when logged in as any other account it is not.
Tuesday, June 12, 2012 9:04 AM | 1 vote
If anyone is interested in how to do this in Server 2008
Follow this tutorial:
Disable Internet Explorer Enhanced Security Configuration - Windows Server 2008
I hope this helps!
Tuesday, June 19, 2012 2:27 PM
Thanks!
It works for me.
Wednesday, March 6, 2013 4:02 PM
god only knows why this is enabled by default at all. just another thing for administrators to have to disable by default on every single server. Haven't met a single admin who ever leaves this enabled.
Wednesday, April 24, 2013 8:20 PM
god only knows why this is enabled by default at all. just another thing for administrators to have to disable by default on every single server. Haven't met a single admin who ever leaves this enabled.
Hello, look at me and you will. ;) There's no single reason to make ALL servers able to browse internet. Maybe, terminal servers should. But the most of servers MUST be ESC-enabled. I think, security reasons are clear enough for all administrators.
Сквозь сиреневый дым...
Monday, July 1, 2013 1:53 AM
Found it finally.
Go to Server Manager
Click the top item in the tree to the left "Server Manager"
On the page that appears, go to "Security Information"
Look for "Configure IE ESC" on the right.Perhaps IE ESC could be renamed to "IE Security"
Thanks Ian.
Kind Regards Jaber
Wednesday, October 23, 2013 1:12 PM
On a Windows 2003 terminal server adding the IE ESC and re-adding solved the problem for administrator users only.
The fix for remote desktop users was to search the registry for the IEHarden and IEHardenIENoWarn values for each users profile within the registry and set the value to 0.
Thursday, October 31, 2013 6:32 AM
Sorry Mikey but I do not agree with your answer.
Law doesn't say you to continuously display the popup / notifications again and again on the windows.
It might be good that you display a popup once asking what would you like to do bla bla and take a response once.
Being a Quality Engineer my response is It's a bad design for sure which could have been avoided :) . Every one is not dumb enough with security that you bug them consistently.
Depinder Bharti
Thursday, October 31, 2013 6:35 AM
We believe in helping and Improving things with our reviews :)
Re inventing the wheel is not going to help and I think Microsoft should be happy that customers are dropping their comments/Reviews so that they can take care of it in their Next versions or release a patch.
Noticed? instead of coming here people could have started using Google Chrome/FireFox etc but the real guys are here.
Friday, November 1, 2013 8:18 AM
dun understand their intention,
it is to make it easier to find to disable, it should be always on
Friday, November 1, 2013 5:21 PM
Hi Steven, the same thing just happened to me running Server 2008 Datacenter Edition on AWS. Did you ever find a solution for turning this off and getting IE to honor it?
Wednesday, June 3, 2015 3:08 PM
Can someone explain this screen shot... Server Manager says its off, but the browser says (and behaves as if) its on...
When logged in as THE Administrator the setting is honored, but when logged in as any other account it is not.
I'm having SAME ISSUE. Server 2012. Causing issues OUTSIDE of interenet explorer possibly. I've done everything from checking registry to changing GP and forcing it to disable on login. This still doesn't work, always says it's still enabled. Did anyone find a fix yet?
Thursday, June 11, 2015 8:57 PM
- Just read this note : Self explanatory
- When you apply Internet Explorer Enhanced Security Configuration to the Administrators group, the settings are applied to administrators. For Windows Server 2003, when you apply Internet Explorer Enhanced Security Configuration to All other user groups, the settings are applied to all groups except for the Administrators group. For Windows Server 2008, when you apply Internet Explorer Enhanced Security Configuration to Users, the settings are applied to all groups except for the Administrators group.
Friday, March 23, 2018 7:01 AM
Worked.. Thanks!!