How do you prevent the security warning "unknown publisher" for all users?

[Saucer Man]

When a user launches a RemoteAPP program, he gets an Open File - Security
Warning. It says "The publisher could not be verified. Are you sure you
want to run this software?" The dialog prompt refers to the drive letter
mapping and the .exe in question. How can I set up the terminal server so
these prompts do not happen to any user?

--
Thanks!

 

[Vera Noest [MVP]]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

Check if this helps:

When users start a RemoteApp, they get a dialog box: "a Website wants
to start a remote connection. The publisher of this remote connection
cannot be identified."
http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_signing

_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
*----------- Please reply in newsgroup -------------*

"Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:

> When a user launches a RemoteAPP program, he gets an Open File -
> Security Warning. It says "The publisher could not be verified.
> Are you sure you want to run this software?" The dialog prompt
> refers to the drive letter mapping and the .exe in question.
> How can I set up the terminal server so these prompts do not
> happen to any user?

 

[Saucer Man]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

We are not getting "a Website wants to start a remote connection". I don't
know if the Cert applies here. I thought it was a Group Policy referring to
trusted intranet sites that needs to be set. Am I wrong?


"Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se> wrote in message
news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
> Check if this helps:
>
> When users start a RemoteApp, they get a dialog box: "a Website wants
> to start a remote connection. The publisher of this remote connection
> cannot be identified."
> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_signing
>
> _________________________________________________________
> Vera Noest
> MCSE, CCEA, Microsoft MVP - Terminal Server
> TS troubleshooting: http://ts.veranoest.net
> *----------- Please reply in newsgroup -------------*
>
> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>
>> When a user launches a RemoteAPP program, he gets an Open File -
>> Security Warning. It says "The publisher could not be verified.
>> Are you sure you want to run this software?" The dialog prompt
>> refers to the drive letter mapping and the .exe in question.
>> How can I set up the terminal server so these prompts do not
>> happen to any user?

 

[Vera Noest [MVP]]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

Then I would expect this message:

When users start a program, they get a "file download" dialog box,
or an error message: "Windows cannot access the specified device,
path, or file. You may not have the appropriate permissions to
access the item."
http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig

but you can give it a try.
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___

"Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008 in
microsoft.public.windows.terminal_services:

> We are not getting "a Website wants to start a remote
> connection". I don't know if the Cert applies here. I thought
> it was a Group Policy referring to trusted intranet sites that
> needs to be set. Am I wrong?
>
>
> "Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se> wrote
> in message
> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
>> Check if this helps:
>>
>> When users start a RemoteApp, they get a dialog box: "a Website
>> wants to start a remote connection. The publisher of this
>> remote connection cannot be identified."
>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_signing
>>
>> _________________________________________________________
>> Vera Noest
>> MCSE, CCEA, Microsoft MVP - Terminal Server
>> TS troubleshooting: http://ts.veranoest.net
>> *----------- Please reply in newsgroup -------------*
>>
>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>>
>>> When a user launches a RemoteAPP program, he gets an Open File
>>> - Security Warning. It says "The publisher could not be
>>> verified.
>>> Are you sure you want to run this software?" The dialog
>>> prompt
>>> refers to the drive letter mapping and the .exe in question.
>>> How can I set up the terminal server so these prompts do not
>>> happen to any user?

 

[Saucer Man]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

Here is the exact message...



Title Bar: Open File - Security Warning
Message: The publisher could not be verified. Are you sure you want to run
this software?
Name: u:\folder\program.exe
Publisher: Unknown Publisher
Type: Application
From: u:\folder\program.exe

Run button Cancel button

This file does not have a valid digital signature that verifies its
publisher. You should only run software from publishers you trust.
How can I decide what software to run?



....It doesn't mention website or file download.



"Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote in message
news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
> Then I would expect this message:
>
> When users start a program, they get a "file download" dialog box,
> or an error message: "Windows cannot access the specified device,
> path, or file. You may not have the appropriate permissions to
> access the item."
> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>
> but you can give it a try.
> _________________________________________________________
> Vera Noest
> MCSE, CCEA, Microsoft MVP - Terminal Server
> TS troubleshooting: http://ts.veranoest.net
> ___ please respond in newsgroup, NOT by private email ___
>
> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008 in
> microsoft.public.windows.terminal_services:
>
>> We are not getting "a Website wants to start a remote
>> connection". I don't know if the Cert applies here. I thought
>> it was a Group Policy referring to trusted intranet sites that
>> needs to be set. Am I wrong?
>>
>>
>> "Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se> wrote
>> in message
>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
>>> Check if this helps:
>>>
>>> When users start a RemoteApp, they get a dialog box: "a Website
>>> wants to start a remote connection. The publisher of this
>>> remote connection cannot be identified."
>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_signing
>>>
>>> _________________________________________________________
>>> Vera Noest
>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>> TS troubleshooting: http://ts.veranoest.net
>>> *----------- Please reply in newsgroup -------------*
>>>
>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>>>
>>>> When a user launches a RemoteAPP program, he gets an Open File
>>>> - Security Warning. It says "The publisher could not be
>>>> verified.
>>>> Are you sure you want to run this software?" The dialog
>>>> prompt
>>>> refers to the drive letter mapping and the .exe in question.
>>>> How can I set up the terminal server so these prompts do not
>>>> happen to any user?
>

 

[Vera Noest [MVP]]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

But have you digitally signed your rdp files? Without that, you'll
not get rid of the warning.
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___

"Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
microsoft.public.windows.terminal_services:

> Here is the exact message...
>
>
>
> Title Bar: Open File - Security Warning
> Message: The publisher could not be verified. Are you sure you
> want to run this software?
> Name: u:\folder\program.exe
> Publisher: Unknown Publisher
> Type: Application
> From: u:\folder\program.exe
>
> Run button Cancel button
>
> This file does not have a valid digital signature that
> verifies its
> publisher. You should only run software from publishers you
> trust. How can I decide what software to run?
>
>
>
> ...It doesn't mention website or file download.
>
>
>
> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
> in message
> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>> Then I would expect this message:
>>
>> When users start a program, they get a "file download" dialog
>> box, or an error message: "Windows cannot access the specified
>> device, path, or file. You may not have the appropriate
>> permissions to access the item."
>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>
>> but you can give it a try.
>> _________________________________________________________
>> Vera Noest
>> MCSE, CCEA, Microsoft MVP - Terminal Server
>> TS troubleshooting: http://ts.veranoest.net
>> ___ please respond in newsgroup, NOT by private email ___
>>
>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008 in
>> microsoft.public.windows.terminal_services:
>>
>>> We are not getting "a Website wants to start a remote
>>> connection". I don't know if the Cert applies here. I
>>> thought it was a Group Policy referring to trusted intranet
>>> sites that needs to be set. Am I wrong?
>>>
>>>
>>> "Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se>
>>> wrote in message
>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
>>>> Check if this helps:
>>>>
>>>> When users start a RemoteApp, they get a dialog box: "a
>>>> Website wants to start a remote connection. The publisher of
>>>> this remote connection cannot be identified."
>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_signi
>>>> ng
>>>>
>>>> _________________________________________________________
>>>> Vera Noest
>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>> TS troubleshooting: http://ts.veranoest.net
>>>> *----------- Please reply in newsgroup -------------*
>>>>
>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>>>>
>>>>> When a user launches a RemoteAPP program, he gets an Open
>>>>> File - Security Warning. It says "The publisher could not
>>>>> be verified.
>>>>> Are you sure you want to run this software?" The dialog
>>>>> prompt
>>>>> refers to the drive letter mapping and the .exe in question.
>>>>> How can I set up the terminal server so these prompts do not
>>>>> happen to any user?

 

[Saucer Man]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

That's probably the issue. How do I digitally sign these .rdp files?


"Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote in message
news:Xns9AF2A63192154veranoesthemutforsse@207.46.248.16...
> But have you digitally signed your rdp files? Without that, you'll
> not get rid of the warning.
> _________________________________________________________
> Vera Noest
> MCSE, CCEA, Microsoft MVP - Terminal Server
> TS troubleshooting: http://ts.veranoest.net
> ___ please respond in newsgroup, NOT by private email ___
>
> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
> microsoft.public.windows.terminal_services:
>
>> Here is the exact message...
>>
>>
>>
>> Title Bar: Open File - Security Warning
>> Message: The publisher could not be verified. Are you sure you
>> want to run this software?
>> Name: u:\folder\program.exe
>> Publisher: Unknown Publisher
>> Type: Application
>> From: u:\folder\program.exe
>>
>> Run button Cancel button
>>
>> This file does not have a valid digital signature that
>> verifies its
>> publisher. You should only run software from publishers you
>> trust. How can I decide what software to run?
>>
>>
>>
>> ...It doesn't mention website or file download.
>>
>>
>>
>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
>> in message
>> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>>> Then I would expect this message:
>>>
>>> When users start a program, they get a "file download" dialog
>>> box, or an error message: "Windows cannot access the specified
>>> device, path, or file. You may not have the appropriate
>>> permissions to access the item."
>>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>>
>>> but you can give it a try.
>>> _________________________________________________________
>>> Vera Noest
>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>> TS troubleshooting: http://ts.veranoest.net
>>> ___ please respond in newsgroup, NOT by private email ___
>>>
>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008 in
>>> microsoft.public.windows.terminal_services:
>>>
>>>> We are not getting "a Website wants to start a remote
>>>> connection". I don't know if the Cert applies here. I
>>>> thought it was a Group Policy referring to trusted intranet
>>>> sites that needs to be set. Am I wrong?
>>>>
>>>>
>>>> "Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se>
>>>> wrote in message
>>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
>>>>> Check if this helps:
>>>>>
>>>>> When users start a RemoteApp, they get a dialog box: "a
>>>>> Website wants to start a remote connection. The publisher of
>>>>> this remote connection cannot be identified."
>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_signi
>>>>> ng
>>>>>
>>>>> _________________________________________________________
>>>>> Vera Noest
>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>> *----------- Please reply in newsgroup -------------*
>>>>>
>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>>>>>
>>>>>> When a user launches a RemoteAPP program, he gets an Open
>>>>>> File - Security Warning. It says "The publisher could not
>>>>>> be verified.
>>>>>> Are you sure you want to run this software?" The dialog
>>>>>> prompt
>>>>>> refers to the drive letter mapping and the .exe in question.
>>>>>> How can I set up the terminal server so these prompts do not
>>>>>> happen to any user?

 

[Vera Noest [MVP]]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

That's done in RemoteApp Manager. You'll have to get a certificate.

Terminal Services RemoteApp Step-By-Step Guide
http://technet2.microsoft.com/windowsserver2008/en/library/61d24255
-dad1-4fd2-b4a3-a91a22973def1033.mspx?mfr=true

_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___

"Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
microsoft.public.windows.terminal_services:

> That's probably the issue. How do I digitally sign these .rdp
> files?
>
>
> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
> in message
> news:Xns9AF2A63192154veranoesthemutforsse@207.46.248.16...
>> But have you digitally signed your rdp files? Without that,
>> you'll not get rid of the warning.
>> _________________________________________________________
>> Vera Noest
>> MCSE, CCEA, Microsoft MVP - Terminal Server
>> TS troubleshooting: http://ts.veranoest.net
>> ___ please respond in newsgroup, NOT by private email ___
>>
>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>> microsoft.public.windows.terminal_services:
>>
>>> Here is the exact message...
>>>
>>>
>>>
>>> Title Bar: Open File - Security Warning
>>> Message: The publisher could not be verified. Are you sure
>>> you want to run this software?
>>> Name: u:\folder\program.exe
>>> Publisher: Unknown Publisher
>>> Type: Application
>>> From: u:\folder\program.exe
>>>
>>> Run button Cancel button
>>>
>>> This file does not have a valid digital signature that
>>> verifies its
>>> publisher. You should only run software from publishers you
>>> trust. How can I decide what software to run?
>>>
>>>
>>>
>>> ...It doesn't mention website or file download.
>>>
>>>
>>>
>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>> wrote in message
>>> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>>>> Then I would expect this message:
>>>>
>>>> When users start a program, they get a "file download" dialog
>>>> box, or an error message: "Windows cannot access the
>>>> specified device, path, or file. You may not have the
>>>> appropriate permissions to access the item."
>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>>>
>>>> but you can give it a try.
>>>> _________________________________________________________
>>>> Vera Noest
>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>> TS troubleshooting: http://ts.veranoest.net
>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>
>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008 in
>>>> microsoft.public.windows.terminal_services:
>>>>
>>>>> We are not getting "a Website wants to start a remote
>>>>> connection". I don't know if the Cert applies here. I
>>>>> thought it was a Group Policy referring to trusted intranet
>>>>> sites that needs to be set. Am I wrong?
>>>>>
>>>>>
>>>>> "Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se>
>>>>> wrote in message
>>>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
>>>>>> Check if this helps:
>>>>>>
>>>>>> When users start a RemoteApp, they get a dialog box: "a
>>>>>> Website wants to start a remote connection. The publisher
>>>>>> of this remote connection cannot be identified."
>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_sig
>>>>>> ni ng
>>>>>>
>>>>>> _________________________________________________________
>>>>>> Vera Noest
>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>> *----------- Please reply in newsgroup -------------*
>>>>>>
>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>>>>>>
>>>>>>> When a user launches a RemoteAPP program, he gets an Open
>>>>>>> File - Security Warning. It says "The publisher could not
>>>>>>> be verified.
>>>>>>> Are you sure you want to run this software?" The dialog
>>>>>>> prompt
>>>>>>> refers to the drive letter mapping and the .exe in
>>>>>>> question. How can I set up the terminal server so these
>>>>>>> prompts do not happen to any user?

 

[Saucer Man]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

Ok. I was asking about a Cert in another post. If I get a CERT from
GoDaddy for the TS Gateway, it should also work for digitally signing the
..rdp files correct?


"Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote in message
news:Xns9AF3C94CAF82veranoesthemutforsse@207.46.248.16...
> That's done in RemoteApp Manager. You'll have to get a certificate.
>
> Terminal Services RemoteApp Step-By-Step Guide
> http://technet2.microsoft.com/windowsserver2008/en/library/61d24255
> -dad1-4fd2-b4a3-a91a22973def1033.mspx?mfr=true
>
> _________________________________________________________
> Vera Noest
> MCSE, CCEA, Microsoft MVP - Terminal Server
> TS troubleshooting: http://ts.veranoest.net
> ___ please respond in newsgroup, NOT by private email ___
>
> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
> microsoft.public.windows.terminal_services:
>
>> That's probably the issue. How do I digitally sign these .rdp
>> files?
>>
>>
>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
>> in message
>> news:Xns9AF2A63192154veranoesthemutforsse@207.46.248.16...
>>> But have you digitally signed your rdp files? Without that,
>>> you'll not get rid of the warning.
>>> _________________________________________________________
>>> Vera Noest
>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>> TS troubleshooting: http://ts.veranoest.net
>>> ___ please respond in newsgroup, NOT by private email ___
>>>
>>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>>> microsoft.public.windows.terminal_services:
>>>
>>>> Here is the exact message...
>>>>
>>>>
>>>>
>>>> Title Bar: Open File - Security Warning
>>>> Message: The publisher could not be verified. Are you sure
>>>> you want to run this software?
>>>> Name: u:\folder\program.exe
>>>> Publisher: Unknown Publisher
>>>> Type: Application
>>>> From: u:\folder\program.exe
>>>>
>>>> Run button Cancel button
>>>>
>>>> This file does not have a valid digital signature that
>>>> verifies its
>>>> publisher. You should only run software from publishers you
>>>> trust. How can I decide what software to run?
>>>>
>>>>
>>>>
>>>> ...It doesn't mention website or file download.
>>>>
>>>>
>>>>
>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>> wrote in message
>>>> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>>>>> Then I would expect this message:
>>>>>
>>>>> When users start a program, they get a "file download" dialog
>>>>> box, or an error message: "Windows cannot access the
>>>>> specified device, path, or file. You may not have the
>>>>> appropriate permissions to access the item."
>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>>>>
>>>>> but you can give it a try.
>>>>> _________________________________________________________
>>>>> Vera Noest
>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>
>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008 in
>>>>> microsoft.public.windows.terminal_services:
>>>>>
>>>>>> We are not getting "a Website wants to start a remote
>>>>>> connection". I don't know if the Cert applies here. I
>>>>>> thought it was a Group Policy referring to trusted intranet
>>>>>> sites that needs to be set. Am I wrong?
>>>>>>
>>>>>>
>>>>>> "Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se>
>>>>>> wrote in message
>>>>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
>>>>>>> Check if this helps:
>>>>>>>
>>>>>>> When users start a RemoteApp, they get a dialog box: "a
>>>>>>> Website wants to start a remote connection. The publisher
>>>>>>> of this remote connection cannot be identified."
>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_sig
>>>>>>> ni ng
>>>>>>>
>>>>>>> _________________________________________________________
>>>>>>> Vera Noest
>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>> *----------- Please reply in newsgroup -------------*
>>>>>>>
>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>>>>>>>
>>>>>>>> When a user launches a RemoteAPP program, he gets an Open
>>>>>>>> File - Security Warning. It says "The publisher could not
>>>>>>>> be verified.
>>>>>>>> Are you sure you want to run this software?" The dialog
>>>>>>>> prompt
>>>>>>>> refers to the drive letter mapping and the .exe in
>>>>>>>> question. How can I set up the terminal server so these
>>>>>>>> prompts do not happen to any user?
>

 

[Vera Noest [MVP]]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

Did you read the Step-by-Step guide? The answers to all of your
questions are there:

If you are already using an SSL certificate for terminal server or
TS Gateway connections, you can use the same certificate to sign
..rdp files. However, if users will connect to RemoteApp programs
from public or home computers, you must use either of the
following:

* A certificate from a public certification authority (CA) that
participates in the Microsoft Root Certificate Program Members
program (http://go.microsoft.com/fwlink/?LinkID=59547).

* If you are using an enterprise CA, your enterprise CA-issued
certificate must be co-signed by a public CA that participates in
the Microsoft Root Certification Program Members program.

_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___

"Saucer Man" <saucerman@nospam.com> wrote on 07 aug 2008 in
microsoft.public.windows.terminal_services:

> Ok. I was asking about a Cert in another post. If I get a CERT
> from GoDaddy for the TS Gateway, it should also work for
> digitally signing the .rdp files correct?
>
>
> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
> in message
> news:Xns9AF3C94CAF82veranoesthemutforsse@207.46.248.16...
>> That's done in RemoteApp Manager. You'll have to get a
>> certificate.
>>
>> Terminal Services RemoteApp Step-By-Step Guide
>> http://technet2.microsoft.com/windowsserver2008/en/library/61d24
>> 255 -dad1-4fd2-b4a3-a91a22973def1033.mspx?mfr=true
>>
>> _________________________________________________________
>> Vera Noest
>> MCSE, CCEA, Microsoft MVP - Terminal Server
>> TS troubleshooting: http://ts.veranoest.net
>> ___ please respond in newsgroup, NOT by private email ___
>>
>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>> microsoft.public.windows.terminal_services:
>>
>>> That's probably the issue. How do I digitally sign these .rdp
>>> files?
>>>
>>>
>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>> wrote in message
>>> news:Xns9AF2A63192154veranoesthemutforsse@207.46.248.16...
>>>> But have you digitally signed your rdp files? Without that,
>>>> you'll not get rid of the warning.
>>>> _________________________________________________________
>>>> Vera Noest
>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>> TS troubleshooting: http://ts.veranoest.net
>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>
>>>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>>>> microsoft.public.windows.terminal_services:
>>>>
>>>>> Here is the exact message...
>>>>>
>>>>>
>>>>>
>>>>> Title Bar: Open File - Security Warning
>>>>> Message: The publisher could not be verified. Are you sure
>>>>> you want to run this software?
>>>>> Name: u:\folder\program.exe
>>>>> Publisher: Unknown Publisher
>>>>> Type: Application
>>>>> From: u:\folder\program.exe
>>>>>
>>>>> Run button Cancel
>>>>> button
>>>>>
>>>>> This file does not have a valid digital signature that
>>>>> verifies its
>>>>> publisher. You should only run software from publishers you
>>>>> trust. How can I decide what software to run?
>>>>>
>>>>>
>>>>>
>>>>> ...It doesn't mention website or file download.
>>>>>
>>>>>
>>>>>
>>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>>> wrote in message
>>>>> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>>>>>> Then I would expect this message:
>>>>>>
>>>>>> When users start a program, they get a "file download"
>>>>>> dialog box, or an error message: "Windows cannot access the
>>>>>> specified device, path, or file. You may not have the
>>>>>> appropriate permissions to access the item."
>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>>>>>
>>>>>> but you can give it a try.
>>>>>> _________________________________________________________
>>>>>> Vera Noest
>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>>
>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008 in
>>>>>> microsoft.public.windows.terminal_services:
>>>>>>
>>>>>>> We are not getting "a Website wants to start a remote
>>>>>>> connection". I don't know if the Cert applies here. I
>>>>>>> thought it was a Group Policy referring to trusted
>>>>>>> intranet sites that needs to be set. Am I wrong?
>>>>>>>
>>>>>>>
>>>>>>> "Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se>
>>>>>>> wrote in message
>>>>>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
>>>>>>>> Check if this helps:
>>>>>>>>
>>>>>>>> When users start a RemoteApp, they get a dialog box: "a
>>>>>>>> Website wants to start a remote connection. The publisher
>>>>>>>> of this remote connection cannot be identified."
>>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_s
>>>>>>>> ig ni ng
>>>>>>>>
>>>>>>>> _________________________________________________________
>>>>>>>> Vera Noest
>>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>>> *----------- Please reply in newsgroup -------------*
>>>>>>>>
>>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>>>>>>>>
>>>>>>>>> When a user launches a RemoteAPP program, he gets an
>>>>>>>>> Open File - Security Warning. It says "The publisher
>>>>>>>>> could not be verified.
>>>>>>>>> Are you sure you want to run this software?" The
>>>>>>>>> dialog prompt
>>>>>>>>> refers to the drive letter mapping and the .exe in
>>>>>>>>> question. How can I set up the terminal server so these
>>>>>>>>> prompts do not happen to any user?

 

[Saucer Man]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

Yes, I did read it. And it is this paragraph that is a bit confusing...

> If you are already using an SSL certificate for terminal server or
> TS Gateway connections, you can use the same certificate to sign
> .rdp files. However, if users will connect to RemoteApp programs
> from public or home computers, you must use either of the
> following:
>
> * A certificate from a public certification authority (CA) that
> participates in the Microsoft Root Certificate Program Members
> program (http://go.microsoft.com/fwlink/?LinkID=59547).


We do have users that will connect from home computers and we are purchasing
a GoDaddy CERT for the TS Gateway. GoDaddy is on the list but it is not
clear to me if because I have home computers connecting, I will need a
different CERT from that list.


"Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote in message
news:Xns9AF3912AF5567veranoesthemutforsse@207.46.248.16...
> Did you read the Step-by-Step guide? The answers to all of your
> questions are there:
>
> If you are already using an SSL certificate for terminal server or
> TS Gateway connections, you can use the same certificate to sign
> .rdp files. However, if users will connect to RemoteApp programs
> from public or home computers, you must use either of the
> following:
>
> * A certificate from a public certification authority (CA) that
> participates in the Microsoft Root Certificate Program Members
> program (http://go.microsoft.com/fwlink/?LinkID=59547).
>
> * If you are using an enterprise CA, your enterprise CA-issued
> certificate must be co-signed by a public CA that participates in
> the Microsoft Root Certification Program Members program.
>
> _________________________________________________________
> Vera Noest
> MCSE, CCEA, Microsoft MVP - Terminal Server
> TS troubleshooting: http://ts.veranoest.net
> ___ please respond in newsgroup, NOT by private email ___
>
> "Saucer Man" <saucerman@nospam.com> wrote on 07 aug 2008 in
> microsoft.public.windows.terminal_services:
>
>> Ok. I was asking about a Cert in another post. If I get a CERT
>> from GoDaddy for the TS Gateway, it should also work for
>> digitally signing the .rdp files correct?
>>
>>
>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
>> in message
>> news:Xns9AF3C94CAF82veranoesthemutforsse@207.46.248.16...
>>> That's done in RemoteApp Manager. You'll have to get a
>>> certificate.
>>>
>>> Terminal Services RemoteApp Step-By-Step Guide
>>> http://technet2.microsoft.com/windowsserver2008/en/library/61d24
>>> 255 -dad1-4fd2-b4a3-a91a22973def1033.mspx?mfr=true
>>>
>>> _________________________________________________________
>>> Vera Noest
>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>> TS troubleshooting: http://ts.veranoest.net
>>> ___ please respond in newsgroup, NOT by private email ___
>>>
>>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>>> microsoft.public.windows.terminal_services:
>>>
>>>> That's probably the issue. How do I digitally sign these .rdp
>>>> files?
>>>>
>>>>
>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>> wrote in message
>>>> news:Xns9AF2A63192154veranoesthemutforsse@207.46.248.16...
>>>>> But have you digitally signed your rdp files? Without that,
>>>>> you'll not get rid of the warning.
>>>>> _________________________________________________________
>>>>> Vera Noest
>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>
>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>>>>> microsoft.public.windows.terminal_services:
>>>>>
>>>>>> Here is the exact message...
>>>>>>
>>>>>>
>>>>>>
>>>>>> Title Bar: Open File - Security Warning
>>>>>> Message: The publisher could not be verified. Are you sure
>>>>>> you want to run this software?
>>>>>> Name: u:\folder\program.exe
>>>>>> Publisher: Unknown Publisher
>>>>>> Type: Application
>>>>>> From: u:\folder\program.exe
>>>>>>
>>>>>> Run button Cancel
>>>>>> button
>>>>>>
>>>>>> This file does not have a valid digital signature that
>>>>>> verifies its
>>>>>> publisher. You should only run software from publishers you
>>>>>> trust. How can I decide what software to run?
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...It doesn't mention website or file download.
>>>>>>
>>>>>>
>>>>>>
>>>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>>>> wrote in message
>>>>>> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>>>>>>> Then I would expect this message:
>>>>>>>
>>>>>>> When users start a program, they get a "file download"
>>>>>>> dialog box, or an error message: "Windows cannot access the
>>>>>>> specified device, path, or file. You may not have the
>>>>>>> appropriate permissions to access the item."
>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>>>>>>
>>>>>>> but you can give it a try.
>>>>>>> _________________________________________________________
>>>>>>> Vera Noest
>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>>>
>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008 in
>>>>>>> microsoft.public.windows.terminal_services:
>>>>>>>
>>>>>>>> We are not getting "a Website wants to start a remote
>>>>>>>> connection". I don't know if the Cert applies here. I
>>>>>>>> thought it was a Group Policy referring to trusted
>>>>>>>> intranet sites that needs to be set. Am I wrong?
>>>>>>>>
>>>>>>>>
>>>>>>>> "Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se>
>>>>>>>> wrote in message
>>>>>>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
>>>>>>>>> Check if this helps:
>>>>>>>>>
>>>>>>>>> When users start a RemoteApp, they get a dialog box: "a
>>>>>>>>> Website wants to start a remote connection. The publisher
>>>>>>>>> of this remote connection cannot be identified."
>>>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_s
>>>>>>>>> ig ni ng
>>>>>>>>>
>>>>>>>>> _________________________________________________________
>>>>>>>>> Vera Noest
>>>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>>>> *----------- Please reply in newsgroup -------------*
>>>>>>>>>
>>>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>>>>>>>>>
>>>>>>>>>> When a user launches a RemoteAPP program, he gets an
>>>>>>>>>> Open File - Security Warning. It says "The publisher
>>>>>>>>>> could not be verified.
>>>>>>>>>> Are you sure you want to run this software?" The
>>>>>>>>>> dialog prompt
>>>>>>>>>> refers to the drive letter mapping and the .exe in
>>>>>>>>>> question. How can I set up the terminal server so these
>>>>>>>>>> prompts do not happen to any user?

 

[Vera Noest [MVP]]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

GoDaddy is on the list, so a certifcate from them is OK for both
purposes.
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___

"Saucer Man" <saucerman@nospam.com> wrote on 07 aug 2008 in
microsoft.public.windows.terminal_services:

> Yes, I did read it. And it is this paragraph that is a bit
> confusing...
>
>> If you are already using an SSL certificate for terminal server
>> or TS Gateway connections, you can use the same certificate to
>> sign .rdp files. However, if users will connect to RemoteApp
>> programs from public or home computers, you must use either of
>> the following:
>>
>> * A certificate from a public certification authority (CA) that
>> participates in the Microsoft Root Certificate Program Members
>> program (http://go.microsoft.com/fwlink/?LinkID=59547).
>
>
> We do have users that will connect from home computers and we
> are purchasing a GoDaddy CERT for the TS Gateway. GoDaddy is on
> the list but it is not clear to me if because I have home
> computers connecting, I will need a different CERT from that
> list.
>
>
> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
> in message
> news:Xns9AF3912AF5567veranoesthemutforsse@207.46.248.16...
>> Did you read the Step-by-Step guide? The answers to all of your
>> questions are there:
>>
>> If you are already using an SSL certificate for terminal server
>> or TS Gateway connections, you can use the same certificate to
>> sign .rdp files. However, if users will connect to RemoteApp
>> programs from public or home computers, you must use either of
>> the following:
>>
>> * A certificate from a public certification authority (CA) that
>> participates in the Microsoft Root Certificate Program Members
>> program (http://go.microsoft.com/fwlink/?LinkID=59547).
>>
>> * If you are using an enterprise CA, your enterprise CA-issued
>> certificate must be co-signed by a public CA that participates
>> in the Microsoft Root Certification Program Members program.
>>
>> _________________________________________________________
>> Vera Noest
>> MCSE, CCEA, Microsoft MVP - Terminal Server
>> TS troubleshooting: http://ts.veranoest.net
>> ___ please respond in newsgroup, NOT by private email ___
>>
>> "Saucer Man" <saucerman@nospam.com> wrote on 07 aug 2008 in
>> microsoft.public.windows.terminal_services:
>>
>>> Ok. I was asking about a Cert in another post. If I get a
>>> CERT from GoDaddy for the TS Gateway, it should also work for
>>> digitally signing the .rdp files correct?
>>>
>>>
>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>> wrote in message
>>> news:Xns9AF3C94CAF82veranoesthemutforsse@207.46.248.16...
>>>> That's done in RemoteApp Manager. You'll have to get a
>>>> certificate.
>>>>
>>>> Terminal Services RemoteApp Step-By-Step Guide
>>>> http://technet2.microsoft.com/windowsserver2008/en/library/61d
>>>> 24 255 -dad1-4fd2-b4a3-a91a22973def1033.mspx?mfr=true
>>>>
>>>> _________________________________________________________
>>>> Vera Noest
>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>> TS troubleshooting: http://ts.veranoest.net
>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>
>>>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>>>> microsoft.public.windows.terminal_services:
>>>>
>>>>> That's probably the issue. How do I digitally sign these
>>>>> .rdp files?
>>>>>
>>>>>
>>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>>> wrote in message
>>>>> news:Xns9AF2A63192154veranoesthemutforsse@207.46.248.16...
>>>>>> But have you digitally signed your rdp files? Without that,
>>>>>> you'll not get rid of the warning.
>>>>>> _________________________________________________________
>>>>>> Vera Noest
>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>>
>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>>>>>> microsoft.public.windows.terminal_services:
>>>>>>
>>>>>>> Here is the exact message...
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Title Bar: Open File - Security Warning
>>>>>>> Message: The publisher could not be verified. Are you
>>>>>>> sure you want to run this software?
>>>>>>> Name: u:\folder\program.exe
>>>>>>> Publisher: Unknown Publisher
>>>>>>> Type: Application
>>>>>>> From: u:\folder\program.exe
>>>>>>>
>>>>>>> Run button Cancel
>>>>>>> button
>>>>>>>
>>>>>>> This file does not have a valid digital signature that
>>>>>>> verifies its
>>>>>>> publisher. You should only run software from publishers
>>>>>>> you trust. How can I decide what software to run?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ...It doesn't mention website or file download.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>>>>> wrote in message
>>>>>>> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>>>>>>>> Then I would expect this message:
>>>>>>>>
>>>>>>>> When users start a program, they get a "file download"
>>>>>>>> dialog box, or an error message: "Windows cannot access
>>>>>>>> the specified device, path, or file. You may not have the
>>>>>>>> appropriate permissions to access the item."
>>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>>>>>>>
>>>>>>>> but you can give it a try.
>>>>>>>> _________________________________________________________
>>>>>>>> Vera Noest
>>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>>>>
>>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008
>>>>>>>> in microsoft.public.windows.terminal_services:
>>>>>>>>
>>>>>>>>> We are not getting "a Website wants to start a remote
>>>>>>>>> connection". I don't know if the Cert applies here. I
>>>>>>>>> thought it was a Group Policy referring to trusted
>>>>>>>>> intranet sites that needs to be set. Am I wrong?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> "Vera Noest [MVP]"
>>>>>>>>> <Vera.Noest@remove-this.hem.utfors.se> wrote in message
>>>>>>>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16..
>>>>>>>>> .
>>>>>>>>>> Check if this helps:
>>>>>>>>>>
>>>>>>>>>> When users start a RemoteApp, they get a dialog box: "a
>>>>>>>>>> Website wants to start a remote connection. The
>>>>>>>>>> publisher of this remote connection cannot be
>>>>>>>>>> identified."
>>>>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp
>>>>>>>>>> _s ig ni ng
>>>>>>>>>>
>>>>>>>>>> ________________________________________________________
>>>>>>>>>> _ Vera Noest
>>>>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>>>>> *----------- Please reply in newsgroup -------------*
>>>>>>>>>>
>>>>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug
>>>>>>>>>> 2008:
>>>>>>>>>>
>>>>>>>>>>> When a user launches a RemoteAPP program, he gets an
>>>>>>>>>>> Open File - Security Warning. It says "The publisher
>>>>>>>>>>> could not be verified.
>>>>>>>>>>> Are you sure you want to run this software?" The
>>>>>>>>>>> dialog prompt
>>>>>>>>>>> refers to the drive letter mapping and the .exe in
>>>>>>>>>>> question. How can I set up the terminal server so
>>>>>>>>>>> these prompts do not happen to any user?

 

[Saucer Man]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

Thank you!

Rich

"Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote in message
news:Xns9AF3D7BB03FE6veranoesthemutforsse@207.46.248.16...
> GoDaddy is on the list, so a certifcate from them is OK for both
> purposes.
> _________________________________________________________
> Vera Noest
> MCSE, CCEA, Microsoft MVP - Terminal Server
> TS troubleshooting: http://ts.veranoest.net
> ___ please respond in newsgroup, NOT by private email ___
>
> "Saucer Man" <saucerman@nospam.com> wrote on 07 aug 2008 in
> microsoft.public.windows.terminal_services:
>
>> Yes, I did read it. And it is this paragraph that is a bit
>> confusing...
>>
>>> If you are already using an SSL certificate for terminal server
>>> or TS Gateway connections, you can use the same certificate to
>>> sign .rdp files. However, if users will connect to RemoteApp
>>> programs from public or home computers, you must use either of
>>> the following:
>>>
>>> * A certificate from a public certification authority (CA) that
>>> participates in the Microsoft Root Certificate Program Members
>>> program (http://go.microsoft.com/fwlink/?LinkID=59547).
>>
>>
>> We do have users that will connect from home computers and we
>> are purchasing a GoDaddy CERT for the TS Gateway. GoDaddy is on
>> the list but it is not clear to me if because I have home
>> computers connecting, I will need a different CERT from that
>> list.
>>
>>
>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
>> in message
>> news:Xns9AF3912AF5567veranoesthemutforsse@207.46.248.16...
>>> Did you read the Step-by-Step guide? The answers to all of your
>>> questions are there:
>>>
>>> If you are already using an SSL certificate for terminal server
>>> or TS Gateway connections, you can use the same certificate to
>>> sign .rdp files. However, if users will connect to RemoteApp
>>> programs from public or home computers, you must use either of
>>> the following:
>>>
>>> * A certificate from a public certification authority (CA) that
>>> participates in the Microsoft Root Certificate Program Members
>>> program (http://go.microsoft.com/fwlink/?LinkID=59547).
>>>
>>> * If you are using an enterprise CA, your enterprise CA-issued
>>> certificate must be co-signed by a public CA that participates
>>> in the Microsoft Root Certification Program Members program.
>>>
>>> _________________________________________________________
>>> Vera Noest
>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>> TS troubleshooting: http://ts.veranoest.net
>>> ___ please respond in newsgroup, NOT by private email ___
>>>
>>> "Saucer Man" <saucerman@nospam.com> wrote on 07 aug 2008 in
>>> microsoft.public.windows.terminal_services:
>>>
>>>> Ok. I was asking about a Cert in another post. If I get a
>>>> CERT from GoDaddy for the TS Gateway, it should also work for
>>>> digitally signing the .rdp files correct?
>>>>
>>>>
>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>> wrote in message
>>>> news:Xns9AF3C94CAF82veranoesthemutforsse@207.46.248.16...
>>>>> That's done in RemoteApp Manager. You'll have to get a
>>>>> certificate.
>>>>>
>>>>> Terminal Services RemoteApp Step-By-Step Guide
>>>>> http://technet2.microsoft.com/windowsserver2008/en/library/61d
>>>>> 24 255 -dad1-4fd2-b4a3-a91a22973def1033.mspx?mfr=true
>>>>>
>>>>> _________________________________________________________
>>>>> Vera Noest
>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>
>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>>>>> microsoft.public.windows.terminal_services:
>>>>>
>>>>>> That's probably the issue. How do I digitally sign these
>>>>>> .rdp files?
>>>>>>
>>>>>>
>>>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>>>> wrote in message
>>>>>> news:Xns9AF2A63192154veranoesthemutforsse@207.46.248.16...
>>>>>>> But have you digitally signed your rdp files? Without that,
>>>>>>> you'll not get rid of the warning.
>>>>>>> _________________________________________________________
>>>>>>> Vera Noest
>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>>>
>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>>>>>>> microsoft.public.windows.terminal_services:
>>>>>>>
>>>>>>>> Here is the exact message...
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Title Bar: Open File - Security Warning
>>>>>>>> Message: The publisher could not be verified. Are you
>>>>>>>> sure you want to run this software?
>>>>>>>> Name: u:\folder\program.exe
>>>>>>>> Publisher: Unknown Publisher
>>>>>>>> Type: Application
>>>>>>>> From: u:\folder\program.exe
>>>>>>>>
>>>>>>>> Run button Cancel
>>>>>>>> button
>>>>>>>>
>>>>>>>> This file does not have a valid digital signature that
>>>>>>>> verifies its
>>>>>>>> publisher. You should only run software from publishers
>>>>>>>> you trust. How can I decide what software to run?
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ...It doesn't mention website or file download.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>>>>>> wrote in message
>>>>>>>> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>>>>>>>>> Then I would expect this message:
>>>>>>>>>
>>>>>>>>> When users start a program, they get a "file download"
>>>>>>>>> dialog box, or an error message: "Windows cannot access
>>>>>>>>> the specified device, path, or file. You may not have the
>>>>>>>>> appropriate permissions to access the item."
>>>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>>>>>>>>
>>>>>>>>> but you can give it a try.
>>>>>>>>> _________________________________________________________
>>>>>>>>> Vera Noest
>>>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>>>>>
>>>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008
>>>>>>>>> in microsoft.public.windows.terminal_services:
>>>>>>>>>
>>>>>>>>>> We are not getting "a Website wants to start a remote
>>>>>>>>>> connection". I don't know if the Cert applies here. I
>>>>>>>>>> thought it was a Group Policy referring to trusted
>>>>>>>>>> intranet sites that needs to be set. Am I wrong?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> "Vera Noest [MVP]"
>>>>>>>>>> <Vera.Noest@remove-this.hem.utfors.se> wrote in message
>>>>>>>>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16..
>>>>>>>>>> .
>>>>>>>>>>> Check if this helps:
>>>>>>>>>>>
>>>>>>>>>>> When users start a RemoteApp, they get a dialog box: "a
>>>>>>>>>>> Website wants to start a remote connection. The
>>>>>>>>>>> publisher of this remote connection cannot be
>>>>>>>>>>> identified."
>>>>>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp
>>>>>>>>>>> _s ig ni ng
>>>>>>>>>>>
>>>>>>>>>>> ________________________________________________________
>>>>>>>>>>> _ Vera Noest
>>>>>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>>>>>> *----------- Please reply in newsgroup -------------*
>>>>>>>>>>>
>>>>>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug
>>>>>>>>>>> 2008:
>>>>>>>>>>>
>>>>>>>>>>>> When a user launches a RemoteAPP program, he gets an
>>>>>>>>>>>> Open File - Security Warning. It says "The publisher
>>>>>>>>>>>> could not be verified.
>>>>>>>>>>>> Are you sure you want to run this software?" The
>>>>>>>>>>>> dialog prompt
>>>>>>>>>>>> refers to the drive letter mapping and the .exe in
>>>>>>>>>>>> question. How can I set up the terminal server so
>>>>>>>>>>>> these prompts do not happen to any user?

 

[Saucer Man]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

Vera, I installed a cert and I am now digitally signing my .rdp files.
However, I am now getting an error and I can no longer connect to the
terminal server with them. I created a new thread called "Problem digitally
signing .rdp files" on 8/27. Could you offer some insight please?

Thanks.


"Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote in message
news:Xns9AF2A63192154veranoesthemutforsse@207.46.248.16...
> But have you digitally signed your rdp files? Without that, you'll
> not get rid of the warning.
> _________________________________________________________
> Vera Noest
> MCSE, CCEA, Microsoft MVP - Terminal Server
> TS troubleshooting: http://ts.veranoest.net
> ___ please respond in newsgroup, NOT by private email ___
>
> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
> microsoft.public.windows.terminal_services:
>
>> Here is the exact message...
>>
>>
>>
>> Title Bar: Open File - Security Warning
>> Message: The publisher could not be verified. Are you sure you
>> want to run this software?
>> Name: u:\folder\program.exe
>> Publisher: Unknown Publisher
>> Type: Application
>> From: u:\folder\program.exe
>>
>> Run button Cancel button
>>
>> This file does not have a valid digital signature that
>> verifies its
>> publisher. You should only run software from publishers you
>> trust. How can I decide what software to run?
>>
>>
>>
>> ...It doesn't mention website or file download.
>>
>>
>>
>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
>> in message
>> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>>> Then I would expect this message:
>>>
>>> When users start a program, they get a "file download" dialog
>>> box, or an error message: "Windows cannot access the specified
>>> device, path, or file. You may not have the appropriate
>>> permissions to access the item."
>>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>>
>>> but you can give it a try.
>>> _________________________________________________________
>>> Vera Noest
>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>> TS troubleshooting: http://ts.veranoest.net
>>> ___ please respond in newsgroup, NOT by private email ___
>>>
>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008 in
>>> microsoft.public.windows.terminal_services:
>>>
>>>> We are not getting "a Website wants to start a remote
>>>> connection". I don't know if the Cert applies here. I
>>>> thought it was a Group Policy referring to trusted intranet
>>>> sites that needs to be set. Am I wrong?
>>>>
>>>>
>>>> "Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se>
>>>> wrote in message
>>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
>>>>> Check if this helps:
>>>>>
>>>>> When users start a RemoteApp, they get a dialog box: "a
>>>>> Website wants to start a remote connection. The publisher of
>>>>> this remote connection cannot be identified."
>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_signi
>>>>> ng
>>>>>
>>>>> _________________________________________________________
>>>>> Vera Noest
>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>> *----------- Please reply in newsgroup -------------*
>>>>>
>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>>>>>
>>>>>> When a user launches a RemoteAPP program, he gets an Open
>>>>>> File - Security Warning. It says "The publisher could not
>>>>>> be verified.
>>>>>> Are you sure you want to run this software?" The dialog
>>>>>> prompt
>>>>>> refers to the drive letter mapping and the .exe in question.
>>>>>> How can I set up the terminal server so these prompts do not
>>>>>> happen to any user?

 

[Vera Noest [MVP]]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

OK, let's continue in the new thread, has a more appropriate
subject line.

_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___


"Saucer Man" <saucerman@nospam.com> wrote on 28 aug 2008 in
microsoft.public.windows.terminal_services:

> Vera, I installed a cert and I am now digitally signing my .rdp
> files. However, I am now getting an error and I can no longer
> connect to the terminal server with them. I created a new
> thread called "Problem digitally signing .rdp files" on 8/27.
> Could you offer some insight please?
>
> Thanks.
>
>
> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
> in message
> news:Xns9AF2A63192154veranoesthemutforsse@207.46.248.16...
>> But have you digitally signed your rdp files? Without that,
>> you'll not get rid of the warning.
>> _________________________________________________________
>> Vera Noest
>> MCSE, CCEA, Microsoft MVP - Terminal Server
>> TS troubleshooting: http://ts.veranoest.net
>> ___ please respond in newsgroup, NOT by private email ___
>>
>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>> microsoft.public.windows.terminal_services:
>>
>>> Here is the exact message...
>>>
>>>
>>>
>>> Title Bar: Open File - Security Warning
>>> Message: The publisher could not be verified. Are you sure
>>> you want to run this software?
>>> Name: u:\folder\program.exe
>>> Publisher: Unknown Publisher
>>> Type: Application
>>> From: u:\folder\program.exe
>>>
>>> Run button Cancel button
>>>
>>> This file does not have a valid digital signature that
>>> verifies its
>>> publisher. You should only run software from publishers you
>>> trust. How can I decide what software to run?
>>>
>>>
>>>
>>> ...It doesn't mention website or file download.
>>>
>>>
>>>
>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>> wrote in message
>>> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>>>> Then I would expect this message:
>>>>
>>>> When users start a program, they get a "file download" dialog
>>>> box, or an error message: "Windows cannot access the
>>>> specified device, path, or file. You may not have the
>>>> appropriate permissions to access the item."
>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>>>
>>>> but you can give it a try.
>>>> _________________________________________________________
>>>> Vera Noest
>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>> TS troubleshooting: http://ts.veranoest.net
>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>
>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008 in
>>>> microsoft.public.windows.terminal_services:
>>>>
>>>>> We are not getting "a Website wants to start a remote
>>>>> connection". I don't know if the Cert applies here. I
>>>>> thought it was a Group Policy referring to trusted intranet
>>>>> sites that needs to be set. Am I wrong?
>>>>>
>>>>>
>>>>> "Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se>
>>>>> wrote in message
>>>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
>>>>>> Check if this helps:
>>>>>>
>>>>>> When users start a RemoteApp, they get a dialog box: "a
>>>>>> Website wants to start a remote connection. The publisher
>>>>>> of this remote connection cannot be identified."
>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_sig
>>>>>> ni ng
>>>>>>
>>>>>> _________________________________________________________
>>>>>> Vera Noest
>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>> *----------- Please reply in newsgroup -------------*
>>>>>>
>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>>>>>>
>>>>>>> When a user launches a RemoteAPP program, he gets an Open
>>>>>>> File - Security Warning. It says "The publisher could not
>>>>>>> be verified.
>>>>>>> Are you sure you want to run this software?" The dialog
>>>>>>> prompt
>>>>>>> refers to the drive letter mapping and the .exe in
>>>>>>> question. How can I set up the terminal server so these
>>>>>>> prompts do not happen to any user?

 

[Saucer Man]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

OK. Now that the .rdp files are working again, we are still getting the
security warning. The .rdp file points to an .exe. This .exe is our
accounting software and it launches different .exes from within. Whenever
it launches the other .exes, these warnings prompt the user. Any ideas?


"Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote in message
news:Xns9B08E39CA3C01veranoesthemutforsse@207.46.248.16...
> OK, let's continue in the new thread, has a more appropriate
> subject line.
>
> _________________________________________________________
> Vera Noest
> MCSE, CCEA, Microsoft MVP - Terminal Server
> TS troubleshooting: http://ts.veranoest.net
> ___ please respond in newsgroup, NOT by private email ___
>
>
> "Saucer Man" <saucerman@nospam.com> wrote on 28 aug 2008 in
> microsoft.public.windows.terminal_services:
>
>> Vera, I installed a cert and I am now digitally signing my .rdp
>> files. However, I am now getting an error and I can no longer
>> connect to the terminal server with them. I created a new
>> thread called "Problem digitally signing .rdp files" on 8/27.
>> Could you offer some insight please?
>>
>> Thanks.
>>
>>
>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
>> in message
>> news:Xns9AF2A63192154veranoesthemutforsse@207.46.248.16...
>>> But have you digitally signed your rdp files? Without that,
>>> you'll not get rid of the warning.
>>> _________________________________________________________
>>> Vera Noest
>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>> TS troubleshooting: http://ts.veranoest.net
>>> ___ please respond in newsgroup, NOT by private email ___
>>>
>>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>>> microsoft.public.windows.terminal_services:
>>>
>>>> Here is the exact message...
>>>>
>>>>
>>>>
>>>> Title Bar: Open File - Security Warning
>>>> Message: The publisher could not be verified. Are you sure
>>>> you want to run this software?
>>>> Name: u:\folder\program.exe
>>>> Publisher: Unknown Publisher
>>>> Type: Application
>>>> From: u:\folder\program.exe
>>>>
>>>> Run button Cancel button
>>>>
>>>> This file does not have a valid digital signature that
>>>> verifies its
>>>> publisher. You should only run software from publishers you
>>>> trust. How can I decide what software to run?
>>>>
>>>>
>>>>
>>>> ...It doesn't mention website or file download.
>>>>
>>>>
>>>>
>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>> wrote in message
>>>> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>>>>> Then I would expect this message:
>>>>>
>>>>> When users start a program, they get a "file download" dialog
>>>>> box, or an error message: "Windows cannot access the
>>>>> specified device, path, or file. You may not have the
>>>>> appropriate permissions to access the item."
>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>>>>
>>>>> but you can give it a try.
>>>>> _________________________________________________________
>>>>> Vera Noest
>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>
>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008 in
>>>>> microsoft.public.windows.terminal_services:
>>>>>
>>>>>> We are not getting "a Website wants to start a remote
>>>>>> connection". I don't know if the Cert applies here. I
>>>>>> thought it was a Group Policy referring to trusted intranet
>>>>>> sites that needs to be set. Am I wrong?
>>>>>>
>>>>>>
>>>>>> "Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se>
>>>>>> wrote in message
>>>>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
>>>>>>> Check if this helps:
>>>>>>>
>>>>>>> When users start a RemoteApp, they get a dialog box: "a
>>>>>>> Website wants to start a remote connection. The publisher
>>>>>>> of this remote connection cannot be identified."
>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_sig
>>>>>>> ni ng
>>>>>>>
>>>>>>> _________________________________________________________
>>>>>>> Vera Noest
>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>> *----------- Please reply in newsgroup -------------*
>>>>>>>
>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>>>>>>>
>>>>>>>> When a user launches a RemoteAPP program, he gets an Open
>>>>>>>> File - Security Warning. It says "The publisher could not
>>>>>>>> be verified.
>>>>>>>> Are you sure you want to run this software?" The dialog
>>>>>>>> prompt
>>>>>>>> refers to the drive letter mapping and the .exe in
>>>>>>>> question. How can I set up the terminal server so these
>>>>>>>> prompts do not happen to any user?
>

 

[Vera Noest [MVP]]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

Have you used the GPO settings here:

Administrative Templates\Windows Components\Terminal Services
\Remote Desktop Connection Client

About Digitally Signing RemoteApp Programs
http://technet.microsoft.com/en-us/library/cc754499.aspx

_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
___ please respond in newsgroup, NOT by private email ___

"Saucer Man" <saucerman@nospam.com> wrote on 29 aug 2008 in
microsoft.public.windows.terminal_services:

> OK. Now that the .rdp files are working again, we are still
> getting the security warning. The .rdp file points to an .exe.
> This .exe is our accounting software and it launches different
> .exes from within. Whenever it launches the other .exes, these
> warnings prompt the user. Any ideas?
>
>
> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
> in message
> news:Xns9B08E39CA3C01veranoesthemutforsse@207.46.248.16...
>> OK, let's continue in the new thread, has a more appropriate
>> subject line.
>>
>> _________________________________________________________
>> Vera Noest
>> MCSE, CCEA, Microsoft MVP - Terminal Server
>> TS troubleshooting: http://ts.veranoest.net
>> ___ please respond in newsgroup, NOT by private email ___
>>
>>
>> "Saucer Man" <saucerman@nospam.com> wrote on 28 aug 2008 in
>> microsoft.public.windows.terminal_services:
>>
>>> Vera, I installed a cert and I am now digitally signing my
>>> .rdp files. However, I am now getting an error and I can no
>>> longer connect to the terminal server with them. I created a
>>> new thread called "Problem digitally signing .rdp files" on
>>> 8/27. Could you offer some insight please?
>>>
>>> Thanks.
>>>
>>>
>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>> wrote in message
>>> news:Xns9AF2A63192154veranoesthemutforsse@207.46.248.16...
>>>> But have you digitally signed your rdp files? Without that,
>>>> you'll not get rid of the warning.
>>>> _________________________________________________________
>>>> Vera Noest
>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>> TS troubleshooting: http://ts.veranoest.net
>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>
>>>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>>>> microsoft.public.windows.terminal_services:
>>>>
>>>>> Here is the exact message...
>>>>>
>>>>>
>>>>>
>>>>> Title Bar: Open File - Security Warning
>>>>> Message: The publisher could not be verified. Are you sure
>>>>> you want to run this software?
>>>>> Name: u:\folder\program.exe
>>>>> Publisher: Unknown Publisher
>>>>> Type: Application
>>>>> From: u:\folder\program.exe
>>>>>
>>>>> Run button Cancel
>>>>> button
>>>>>
>>>>> This file does not have a valid digital signature that
>>>>> verifies its
>>>>> publisher. You should only run software from publishers you
>>>>> trust. How can I decide what software to run?
>>>>>
>>>>>
>>>>>
>>>>> ...It doesn't mention website or file download.
>>>>>
>>>>>
>>>>>
>>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>>> wrote in message
>>>>> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>>>>>> Then I would expect this message:
>>>>>>
>>>>>> When users start a program, they get a "file download"
>>>>>> dialog box, or an error message: "Windows cannot access the
>>>>>> specified device, path, or file. You may not have the
>>>>>> appropriate permissions to access the item."
>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>>>>>
>>>>>> but you can give it a try.
>>>>>> _________________________________________________________
>>>>>> Vera Noest
>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>>
>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008 in
>>>>>> microsoft.public.windows.terminal_services:
>>>>>>
>>>>>>> We are not getting "a Website wants to start a remote
>>>>>>> connection". I don't know if the Cert applies here. I
>>>>>>> thought it was a Group Policy referring to trusted
>>>>>>> intranet sites that needs to be set. Am I wrong?
>>>>>>>
>>>>>>>
>>>>>>> "Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se>
>>>>>>> wrote in message
>>>>>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
>>>>>>>> Check if this helps:
>>>>>>>>
>>>>>>>> When users start a RemoteApp, they get a dialog box: "a
>>>>>>>> Website wants to start a remote connection. The publisher
>>>>>>>> of this remote connection cannot be identified."
>>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_s
>>>>>>>> ig ni ng
>>>>>>>>
>>>>>>>> _________________________________________________________
>>>>>>>> Vera Noest
>>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>>> *----------- Please reply in newsgroup -------------*
>>>>>>>>
>>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>>>>>>>>
>>>>>>>>> When a user launches a RemoteAPP program, he gets an
>>>>>>>>> Open File - Security Warning. It says "The publisher
>>>>>>>>> could not be verified.
>>>>>>>>> Are you sure you want to run this software?" The
>>>>>>>>> dialog prompt
>>>>>>>>> refers to the drive letter mapping and the .exe in
>>>>>>>>> question. How can I set up the terminal server so these
>>>>>>>>> prompts do not happen to any user?

 

[Saucer Man]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

I saw those settings, however, the users will be connecting from home so I
didn't think group policy would affect them. Am I correct?


"Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote in message
news:Xns9B0B99A0BA7AAveranoesthemutforsse@207.46.248.16...
> Have you used the GPO settings here:
>
> Administrative Templates\Windows Components\Terminal Services
> \Remote Desktop Connection Client
>
> About Digitally Signing RemoteApp Programs
> http://technet.microsoft.com/en-us/library/cc754499.aspx
>
> _________________________________________________________
> Vera Noest
> MCSE, CCEA, Microsoft MVP - Terminal Server
> TS troubleshooting: http://ts.veranoest.net
> ___ please respond in newsgroup, NOT by private email ___
>
> "Saucer Man" <saucerman@nospam.com> wrote on 29 aug 2008 in
> microsoft.public.windows.terminal_services:
>
>> OK. Now that the .rdp files are working again, we are still
>> getting the security warning. The .rdp file points to an .exe.
>> This .exe is our accounting software and it launches different
>> .exes from within. Whenever it launches the other .exes, these
>> warnings prompt the user. Any ideas?
>>
>>
>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
>> in message
>> news:Xns9B08E39CA3C01veranoesthemutforsse@207.46.248.16...
>>> OK, let's continue in the new thread, has a more appropriate
>>> subject line.
>>>
>>> _________________________________________________________
>>> Vera Noest
>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>> TS troubleshooting: http://ts.veranoest.net
>>> ___ please respond in newsgroup, NOT by private email ___
>>>
>>>
>>> "Saucer Man" <saucerman@nospam.com> wrote on 28 aug 2008 in
>>> microsoft.public.windows.terminal_services:
>>>
>>>> Vera, I installed a cert and I am now digitally signing my
>>>> .rdp files. However, I am now getting an error and I can no
>>>> longer connect to the terminal server with them. I created a
>>>> new thread called "Problem digitally signing .rdp files" on
>>>> 8/27. Could you offer some insight please?
>>>>
>>>> Thanks.
>>>>
>>>>
>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>> wrote in message
>>>> news:Xns9AF2A63192154veranoesthemutforsse@207.46.248.16...
>>>>> But have you digitally signed your rdp files? Without that,
>>>>> you'll not get rid of the warning.
>>>>> _________________________________________________________
>>>>> Vera Noest
>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>
>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>>>>> microsoft.public.windows.terminal_services:
>>>>>
>>>>>> Here is the exact message...
>>>>>>
>>>>>>
>>>>>>
>>>>>> Title Bar: Open File - Security Warning
>>>>>> Message: The publisher could not be verified. Are you sure
>>>>>> you want to run this software?
>>>>>> Name: u:\folder\program.exe
>>>>>> Publisher: Unknown Publisher
>>>>>> Type: Application
>>>>>> From: u:\folder\program.exe
>>>>>>
>>>>>> Run button Cancel
>>>>>> button
>>>>>>
>>>>>> This file does not have a valid digital signature that
>>>>>> verifies its
>>>>>> publisher. You should only run software from publishers you
>>>>>> trust. How can I decide what software to run?
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...It doesn't mention website or file download.
>>>>>>
>>>>>>
>>>>>>
>>>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>>>> wrote in message
>>>>>> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>>>>>>> Then I would expect this message:
>>>>>>>
>>>>>>> When users start a program, they get a "file download"
>>>>>>> dialog box, or an error message: "Windows cannot access the
>>>>>>> specified device, path, or file. You may not have the
>>>>>>> appropriate permissions to access the item."
>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>>>>>>
>>>>>>> but you can give it a try.
>>>>>>> _________________________________________________________
>>>>>>> Vera Noest
>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>>>
>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008 in
>>>>>>> microsoft.public.windows.terminal_services:
>>>>>>>
>>>>>>>> We are not getting "a Website wants to start a remote
>>>>>>>> connection". I don't know if the Cert applies here. I
>>>>>>>> thought it was a Group Policy referring to trusted
>>>>>>>> intranet sites that needs to be set. Am I wrong?
>>>>>>>>
>>>>>>>>
>>>>>>>> "Vera Noest [MVP]" <Vera.Noest@remove-this.hem.utfors.se>
>>>>>>>> wrote in message
>>>>>>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16...
>>>>>>>>> Check if this helps:
>>>>>>>>>
>>>>>>>>> When users start a RemoteApp, they get a dialog box: "a
>>>>>>>>> Website wants to start a remote connection. The publisher
>>>>>>>>> of this remote connection cannot be identified."
>>>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp_s
>>>>>>>>> ig ni ng
>>>>>>>>>
>>>>>>>>> _________________________________________________________
>>>>>>>>> Vera Noest
>>>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>>>> *----------- Please reply in newsgroup -------------*
>>>>>>>>>
>>>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008:
>>>>>>>>>
>>>>>>>>>> When a user launches a RemoteAPP program, he gets an
>>>>>>>>>> Open File - Security Warning. It says "The publisher
>>>>>>>>>> could not be verified.
>>>>>>>>>> Are you sure you want to run this software?" The
>>>>>>>>>> dialog prompt
>>>>>>>>>> refers to the drive letter mapping and the .exe in
>>>>>>>>>> question. How can I set up the terminal server so these
>>>>>>>>>> prompts do not happen to any user?
>

 

[Vera Noest [MVP]]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

No. And I don't feel that it would be the right why to solve the
problem either. But I'm out of ideas, sorry.
I'd call support again.
_________________________________________________________
Vera Noest
MCSE, CCEA, Microsoft MVP - Terminal Server
TS troubleshooting: http://ts.veranoest.net
*----------- Please reply in newsgroup -------------*

"Saucer Man" <saucerman@nospam.com> wrote on 02 sep 2008:

> I saw those settings, however, the users will be connecting from
> home so I didn't think group policy would affect them. Am I
> correct?
>
>
> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se> wrote
> in message
> news:Xns9B0B99A0BA7AAveranoesthemutforsse@207.46.248.16...
>> Have you used the GPO settings here:
>>
>> Administrative Templates\Windows Components\Terminal Services
>> \Remote Desktop Connection Client
>>
>> About Digitally Signing RemoteApp Programs
>> http://technet.microsoft.com/en-us/library/cc754499.aspx
>>
>> _________________________________________________________
>> Vera Noest
>> MCSE, CCEA, Microsoft MVP - Terminal Server
>> TS troubleshooting: http://ts.veranoest.net
>> ___ please respond in newsgroup, NOT by private email ___
>>
>> "Saucer Man" <saucerman@nospam.com> wrote on 29 aug 2008 in
>> microsoft.public.windows.terminal_services:
>>
>>> OK. Now that the .rdp files are working again, we are still
>>> getting the security warning. The .rdp file points to an
>>> .exe. This .exe is our accounting software and it launches
>>> different .exes from within. Whenever it launches the other
>>> .exes, these warnings prompt the user. Any ideas?
>>>
>>>
>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>> wrote in message
>>> news:Xns9B08E39CA3C01veranoesthemutforsse@207.46.248.16...
>>>> OK, let's continue in the new thread, has a more appropriate
>>>> subject line.
>>>>
>>>> _________________________________________________________
>>>> Vera Noest
>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>> TS troubleshooting: http://ts.veranoest.net
>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>
>>>>
>>>> "Saucer Man" <saucerman@nospam.com> wrote on 28 aug 2008 in
>>>> microsoft.public.windows.terminal_services:
>>>>
>>>>> Vera, I installed a cert and I am now digitally signing my
>>>>> .rdp files. However, I am now getting an error and I can no
>>>>> longer connect to the terminal server with them. I created
>>>>> a new thread called "Problem digitally signing .rdp files"
>>>>> on 8/27. Could you offer some insight please?
>>>>>
>>>>> Thanks.
>>>>>
>>>>>
>>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>>> wrote in message
>>>>> news:Xns9AF2A63192154veranoesthemutforsse@207.46.248.16...
>>>>>> But have you digitally signed your rdp files? Without that,
>>>>>> you'll not get rid of the warning.
>>>>>> _________________________________________________________
>>>>>> Vera Noest
>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>>
>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 06 aug 2008 in
>>>>>> microsoft.public.windows.terminal_services:
>>>>>>
>>>>>>> Here is the exact message...
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Title Bar: Open File - Security Warning
>>>>>>> Message: The publisher could not be verified. Are you
>>>>>>> sure you want to run this software?
>>>>>>> Name: u:\folder\program.exe
>>>>>>> Publisher: Unknown Publisher
>>>>>>> Type: Application
>>>>>>> From: u:\folder\program.exe
>>>>>>>
>>>>>>> Run button Cancel
>>>>>>> button
>>>>>>>
>>>>>>> This file does not have a valid digital signature that
>>>>>>> verifies its
>>>>>>> publisher. You should only run software from publishers
>>>>>>> you trust. How can I decide what software to run?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ...It doesn't mention website or file download.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> "Vera Noest [MVP]" <vera.noest@remove-this.hem.utfors.se>
>>>>>>> wrote in message
>>>>>>> news:Xns9AF1D604C7326veranoesthemutforsse@207.46.248.16...
>>>>>>>> Then I would expect this message:
>>>>>>>>
>>>>>>>> When users start a program, they get a "file download"
>>>>>>>> dialog box, or an error message: "Windows cannot access
>>>>>>>> the specified device, path, or file. You may not have the
>>>>>>>> appropriate permissions to access the item."
>>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>>>>>>>>
>>>>>>>> but you can give it a try.
>>>>>>>> _________________________________________________________
>>>>>>>> Vera Noest
>>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>>> ___ please respond in newsgroup, NOT by private email ___
>>>>>>>>
>>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug 2008
>>>>>>>> in microsoft.public.windows.terminal_services:
>>>>>>>>
>>>>>>>>> We are not getting "a Website wants to start a remote
>>>>>>>>> connection". I don't know if the Cert applies here. I
>>>>>>>>> thought it was a Group Policy referring to trusted
>>>>>>>>> intranet sites that needs to be set. Am I wrong?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> "Vera Noest [MVP]"
>>>>>>>>> <Vera.Noest@remove-this.hem.utfors.se> wrote in message
>>>>>>>>> news:Xns9AF199A50F5DDveranoesthemutforsse@207.46.248.16..
>>>>>>>>> .
>>>>>>>>>> Check if this helps:
>>>>>>>>>>
>>>>>>>>>> When users start a RemoteApp, they get a dialog box: "a
>>>>>>>>>> Website wants to start a remote connection. The
>>>>>>>>>> publisher of this remote connection cannot be
>>>>>>>>>> identified."
>>>>>>>>>> http://ts.veranoest.net/ts_faq_user_issues.htm#RemoteApp
>>>>>>>>>> _s ig ni ng
>>>>>>>>>>
>>>>>>>>>> ________________________________________________________
>>>>>>>>>> _ Vera Noest
>>>>>>>>>> MCSE, CCEA, Microsoft MVP - Terminal Server
>>>>>>>>>> TS troubleshooting: http://ts.veranoest.net
>>>>>>>>>> *----------- Please reply in newsgroup -------------*
>>>>>>>>>>
>>>>>>>>>> "Saucer Man" <saucerman@nospam.com> wrote on 05 aug
>>>>>>>>>> 2008:
>>>>>>>>>>
>>>>>>>>>>> When a user launches a RemoteAPP program, he gets an
>>>>>>>>>>> Open File - Security Warning. It says "The publisher
>>>>>>>>>>> could not be verified.
>>>>>>>>>>> Are you sure you want to run this software?" The
>>>>>>>>>>> dialog prompt
>>>>>>>>>>> refers to the drive letter mapping and the .exe in
>>>>>>>>>>> question. How can I set up the terminal server so
>>>>>>>>>>> these prompts do not happen to any user?

 

[TP]

Re: How do you prevent the security warning "unknown publisher" for all users?

Re: How do you prevent the security warning "unknown publisher" for all users?

Hi Vera,

If "Launching applications and unsafe files" is set to Disable
for the applicable security zone, then the user will receive the
message you expect. If, however, the setting is set to Prompt
then the user will receive the message that Saucer Man is
receiving.

The instructions in your FAQ are relevant. If Saucer Man
still has trouble after following them he should post back
and we can help him troubleshoot.

Thanks.

-TP

Vera Noest [MVP] wrote:
> Then I would expect this message:
>
> When users start a program, they get a "file download" dialog box,
> or an error message: "Windows cannot access the specified device,
> path, or file. You may not have the appropriate permissions to
> access the item."
> http://ts.veranoest.net/ts_faq_user_issues.htm#IEESconfig
>
> but you can give it a try.
> _________________________________________________________
> Vera Noest
> MCSE, CCEA, Microsoft MVP - Terminal Server
> TS troubleshooting: http://ts.veranoest.net
> ___ please respond in newsgroup, NOT by private email ___