Ok, after running into this several times and being thoroughly annoyed, I finally found the fix (and I do mean fix). What I’m talking about is the annoying secure IE mode that is installed by default in Windows 2003. I understand the thinking (I get it… it’s a server you should be running certain types of browser plugins on it). Basically the annoying part is that all plugins are blocked even if you put a site in the trusted zone and allow ActiveX controls on trusted sites (sorry it won’t work). Instead of making it easy to turn on and off they put the “fix” somewhere other than in IE. So, you have to scan the internet looking for an answer (I didn’t find it on MS’ site that’s for sure… although I wouldn’t doubt that it is there). I finally found this site – http://www.msfn.org/win2k3/ie.htm which tells you how to turn Win2k3 into a desktop; the first step is how to uninstall the Secure Console IE… The hint there to the solution is the word “uninstall” and not “disable.” You have to uninstall this from the Windows components using add/remove programs… yep, you read that right, Uninstall a security component (!!??!!)
Security features should be disabled/enabled, not “uninstalled.” Actually the problem with this feature is that they’re right in most case I don’t need to access content via a web browser on a server. Where the problem comes in is when I’m remotely connected to a client’s machine and need to install something or download something from say my MSDN Universal subscription (MSDN Universal uses an ActiveX for downloads)… BTW, in my current situation I needed to get the ISO for Windows 2003 so that I could add FTP to my client’s server… I don’t have my copy handy… all I have is MSDN.
But the real problem is that now that I have uninstalled the feature will I be re-installing it? Nope… it’s too much effort to turn it on and off… I’d rather there was a simple way within IE that would let me temporarily disable it for the next 5 minutes or something like that… it would certainly make things easier for me.
One parting thought. I was always taught by my security mentors that something is secure if security is easy; when security is hard then it’s not secure.