Doubt About GPO - Security Zones

Similar Messages

• GPO Security Zones and Content Ratings "Modify Settings" buttons are disabled

  Task: Trying to modify a GPO so that specific users who logon to Remote Desktop Servers will have a lower Internet security level for Internet Explorer.
  We have two Windows Server 2008 Domain Controllers, when I access the GPO using the Group Policy Management Console and Editor on either of the two Domain Controllers, then navigate to User Configuration > Policies > Windows Settings > Internet Explorer
  Maintenance > Security > Security Zones and Content Ratings, the available "Modify Settings" buttons are both disabled.
  I've read through several forum posts relating to this and the closest solution mentioned was to turn off IE ESC for Administrators on both Domain Controllers. I've done this and it nothing has changed as a result. Is there a way enable the "Modify Settings"
  buttons, or is there another way to achieve the task mentioned at the top of this post?

  Hi,
  We need to import these settings before we modify them.
  To import security zones and privacy settings from our computer using IEM:
  Click
  Import the current security zones and privacy settings 
  To import content ratings from our computer:
  Click
  Import the current Content Ratings settings
  Regarding how to configure Security Zones and Content Ratings, the following article can be referred to for more information.
  Configure Security Zones and Content Ratings
  http://technet.microsoft.com/en-us/library/cc772410.aspx
  Best regards,
  Frank Shen

• Include Secure Zone name in Order Workflow Notification

  Hi All,
  Hoping that someone can help me with a solution for the following:
  We have a site that has a number of secure zones, each secure zone has an individual product catalogue assigned to it.
  The problem we have is that when someone does an order from within the secure zone, the Workflow notification does not contain any information about which secure zone the order came from.
  So I'm wondering if it is possible to write some code that will query what secure zone you are logged in to and have this as a hidden field on the Order page, to be included in the Workflow Notification.
  Does anyone know if this is possible?
  Cheers,
  Emily

  You can parse the user's securezone subscriptions out of {module_subscriptions,true,true,,true}, or you could look for an attribute unique to each catalogue, like <div data-catalogue="{{tag_somethingUnique">...catalogue template code...</div> plus jQuery('[data-catalogue]').data('catalogue');

• Doubtful about security of oracle's Wrap code!

  Dears
  I am little bit doubtful about security of oracle's own Wrap code like package "sys.utl_smtp" .
  Someone can easily Unwrap it without source code?
  How it possible? whats your opinion about this? please can anybody clear me.
  Regards
  Abdul Halim
  Edited by: Abdul Halim on May 31, 2013 8:14 PM

  Halm, you are operating under the mistaken belief that your code deserves hiding from the customer and competitors to begin with. Why? All you are doing in the code is performing DML. It is not like your application is the only one in the world that performs its function.
  If someone really wanted to they could figure out what your code is basically doing just by looking at the table and file data before and after running the code. By careful manipulation of the data and studying the results they can figure out what is being done and then develop their own specific of the how it is done. One can also look at Oracle's internals as the code is being processed both using Oracle provided views and direct peaking at Oracle's shared memory. Then there are tools like sql trace which will captute the SQL, waits, and binds for the process.
  But all of this is kind of mute in that most shops do not have the talent to write their own unwrapper nor has the shop purchased an unwrapper so if you wrap the code it is going to be secured from most users and competitiors. I would just recommend that potential customers not purchase your product becuase the customer is going to need access to the code either for debugging (bugs will exist in the code) or tuning. Likely both.
  IMHO -- Mark D Powell --

• GPO for Automatically trust sites for Windows OS security zones

  Hi Team,
  Need your urgent help
  Could you confirm which GPO we can use for Automatically trust sites for Windows OS security zones
  I have checked Adobe Reader GPO templates but its not exists?
  Pls assist

  Hi,
  We need to import these settings before we modify them.
  To import security zones and privacy settings from our computer using IEM:
  Click
  Import the current security zones and privacy settings 
  To import content ratings from our computer:
  Click
  Import the current Content Ratings settings
  Regarding how to configure Security Zones and Content Ratings, the following article can be referred to for more information.
  Configure Security Zones and Content Ratings
  http://technet.microsoft.com/en-us/library/cc772410.aspx
  Best regards,
  Frank Shen

• Help about Warning Security IE 8.0

  Hello Guys,
  I need help about warning security IE 8.0.
  When I try install a software from my webserver is display the following message:
  I can't check the publisher.Are you sure install the software?
  This file does not have a valide digital signature that verifies its publisher.
  You should only install software from publishers you trust.
  Well, I already enable:
  Download signed ActiveX controls
  Download unsigned ActiveX controls
  Allow active content from CDs to run on user machines Enabled 
  Allow software to run or install even if the signature is invalid Enabled 
  Check for server certificate revocation Disabled 
  Check for signatures on downloaded programs Disabled 
  Is there somewhere I disable all settings warning's about IE or one specific GPO I need disable for this warning don't display for me?
  In the same installation a lot of about file .cab are installed, only one specifc I don't have sucess.
  I try some troubleshootings too:
  https://social.technet.microsoft.com/Forums/windows/en-US/8f8293c4-0920-462f-9c69-0a8e3f92aa02/unknown-publishers-warning
  https://www.youtube.com/watch?v=UknQn6tZZis
  http://windows-3322.blogspot.com.br/2011/02/how-to-repair-activex-error.html
  Thanks a lot who answer me or about any idea about my issue.

  This file does not have a valide digital signature that verifies its publisher.
  Did you see your result
  https://social.technet.microsoft.com/Forums/windows/en-US/8f8293c4-0920-462f-9c69-0a8e3f92aa02/unknown-publishers-warning
  <quote>
  Changing the time zone actually worked.
  </quote>
  Robert Aldwinckle

• Secure Zone Customer Activity Tracking

  I'm new to Business Catalyst, so this may be obvious to some of you, but I have a question about tracking customer activity on my Business Catalyst site. I can track logins into Secure Zones, but only whether/not the customer has logged into the site.
  What I'd really like to do is track a customer's usage of the site - in other words, I'd like to see what a customer's activity looks like on the site. So if a customer goes from Home (secure zone login), to About, to whatever other page. I suppose how much time they spend is too granular, but if I could figure out how to track their site usage, it'd really help me with a client. The only way I can see how to do it on my own is to require users to log in to every single page, which compromises far too much usability.
  So, how about it? Is there anyone that can provide a suggestion, either using the BC interface, or using some other type of tracking mechanism?

  BC can't do that out of the box. You may want to use Google Analytics for that.
  Cheers,
  -m

• Why do I get these messages "logged in but not to a specific secure zone"

  Could anyone please explain why this messge would appear on the dashboard
  'username' logged in but not to a specific secure zone
  instead of
  'username' logged in to Member Only Area secure zone
  On this website, customers can only log on to a secure zone, and there is only one secure zone.
  Thanks

  Hi Mario,
  Thank you for your response.
  There are only two places users could log in, and none have ZoneID=-1
  I tested both options with one of my own (non admin account) login, and none produced the above message.
  action="/ZoneProcess.aspx?ZoneID=51&amp;OID=5459507&amp;OTYPE=1"
  action="/ZoneProcess.aspx?ZoneID=51&amp;OID=5459507&amp;OTYPE=1"
  both ZoneID's are the same
  What is weird though, only one specific user account is generating that message.
  At this stage the user has not complained about not being able to access his/her data yet.
  My only concern was that this could be a possible security risk.
  Thanks

• How to use single web form for multiple secure zone signup?

  I have multiple secure zones in my website. I want to sell membership of secure zones to users of my website. I want, users signup for multiple secure zone of their choice and submit payment. Is it possible if can you please explain a bit or refer me to an doc about it.
  Thanks a lot for your time,

  I realize this isn't likely, but do you know of a way to allow the user to select the secure zone to be registered (e.g. from a list of multiple secure zones or entering ID of one sz into a text input) from within a single web form? I wonder if this can be passed in through a parameter in the action URL or through a special system field.
  Thanks

• Help with secure zone/ forum registration

  Im having difficulty grasping the secure zone concept and ive spent days watching videos and reading online so I hope someone can help push me forward.
  I built the site with Muse, and im using dreamweaver and the BC site (older view) to help edit.  I have a creative cloud subscription.
  First I want to create a registration page to collect custom information on users, for example:  The site is about traveling, so I want users to be able to select which countries they have visited, upload a photo, and control their own profile.
  I want this user information to control the forums, their own blog, and their own photo galleries.
  I'm not afarid of doing the work it till take to get this done but I dont understand if I need to use webforms,  or web app.  The forums module has a default registration page that is very basic, can I use that for a template and just expand it? 
  Also I attempted to make webforms and use them, however when I publish my site live again in muse, it seems to delete any forms I made in BC, do I need finish using muse and stay away from it now that the basics are complete?
  Thanks for your help, and any leads or overall concepts that I am missing would be great!  Thanks!

  You can not do that in BC exactly. It is not designed for that sort of site.
  You can not use the CRM to build that sort of thing.
  You will need to build a blog with webb apps and allow them to submit their own and edit their own web app items. For the forums you have a login for the forums but you can not have their own indevidual forum.
  Photo gallery - not using the BC module and will again have to be a web app and limited.
  To pull that into a public profile you again can not use the CRM as showing their CRM information is ONLY when THEY are logged in. You would have to replicate their data in another web app. And pulling them together will be hard unless you know ajax etc and still complicated.
  You probably better off using a different platform to achieve what your after. Coming from Muse and what that outputs as well your going to have a hard time of it. You can not use Muse to publish if you want more stuff like this because it will just do an all in one publish. If you do stick with BC you have to now Ditch Muse if you watn to do any of this right and more.

• Secure Zone Login Issues:  It worked great and now just stopped.

  The secure zone on my client's site worked great for about a month and now it just stopped.  All of a sudden it won't let us type into the username and password boxes.  We can click on the "remember me" button and the "submit button" but not type.  I've tried deleting and redoing the code and still nothing.  Our issue is occuring most when used with Chrome's browser.  Any thoughts or suggestions?

  Thanks for your reply, Liam.  Oddly enough I was just reading your expectional contributor profile that popped up in my side collumn.
  Here is the link to the site.  The login works fine in Safari, it's just a problem with Chrome I believe.
  www.myadvancedpt.com
  The login area is in the bottom right of the footer titled "Employee Login."

• Best practice for secure zone various access

  I am setting up a new site with a secure zone.
  There will be a secure zone. Once logged in, users will have access to search and browse medical articles/resources
  This is how an example may go:
  The admin user signs up Doctor XYZ to the secure zone.
  The Doctor XYZ is a heart specialist, so he only gets access to web app items that are classified as "heart".
  However, he may also be given access to other items, eg: "lung" items.
  Or, even all items. It will vary from user to user.
  Is there any way to separate areas within the secure zone and give access to those separate areas (without having to give access to individual items - which will be a pain because there will be hundreds of records; and also without having the user log out and log into another secure area)

  my only issue with this is that I have no idea how to open up File Sharing to ONLY allow users who are connecting from the VPN
  Simple - don't expose your server to the outside world.
  As long as you're running on a NAT network behind some firewall or router that's filtering traffic, no external traffic can get to your server unless you setup port forwarding - this is the method used to run, say, a public web server where you tell the router/firewall to allow incoming traffic on port 80 to get to your server.
  If you don't setup any port forwarding, no external traffic can get in.
  There are additional steps you can take - such as running the software firewall built into Mac OS X to tell it to only accept network connections from the local network, but that's not necessary in most cases.
  And 2. The best way to ensure secure AND encrypted file sharing via the server...
  VPN should take care of most of your concerns - at least as far as the file server is concerned. I'd be more worried about what happens to the files once they leave the network - for example have you ensured that the remote user's local system is sufficiently secured so that no one can get the documents off his machine once they're downloaded?

• Single form for secure zone registration and web app submission?

  Hi
  Is it possible to setup a form where a user can simultaneously register for a secure zone and submit a web app entry? The knowledge base / tutorials describe a two step process (web form for secure zone registration and web app input form for web app submission), but I would like users to be able to do both with a single form
  Thanks in advance for any suggestions
  mls

  In order to have a customer create a web app item they must be logged into the secure zone already.  I've seen some instructions on how to let users submit web app items outside a secure zone but that requires creating a dummy anonymous user and logging them into the secure zone via javascript.  You could use this method and once it's submitted you'll have to manually attach the web app item to the correct user in the BC Admin.  That might not work for you but you can read more about that at http://forums.adobe.com/docs/DOC-1784
  You can't use the above solution with the current user's username and password because those tags are only available when the user is logged into a secure zone already.  If your signup form needs to be filled out first, the user isn't logged in.
  Your best bet is to have the public signup form redirect the user after submission to an "Add item" form you have created. Maks sure that form is in a secure zone so when they add the item it is attached to their account.
  If you don't want to redirect them to a secure zone and want it more seamless you could try to use some javascript/ajax to submit the form via javascript and after the form is submitted, use the javascript code in the above to log them in (be careful to use the https://yoursite.worldsecuresystems.com url if you are passing username and password info gathered from your form to log them in via javascript/ajax).  Once they are logged in via the javascript you can use more ajax to fetch a page's HTML that resides in a secure zone.  This HTML returned from the javascript can be your "add web app item" form and since they were logged in via javascript (securely, right?) this HTML should contain the right information.  Insert this returned HTML into your form container that held the original signup form and they can continue to add a web app item without having to log in.
  This is theory and might work but you'll have to start experimenting with it via javascript.  I haven't actually tried to do this so hopefully some other community members who might have tried this can weigh in here as well.
  Good luck!

• Export Secure Zone Username Report

  Strangely enough, I just found that while I can export a report with contacts' usernames and I can export a report with contacts and their secure zones, I can't export a report with both secure zones and each contact's username.
  Can you help me work out how I could do it?
  Even a thought on how to combine the two csv files with a script?
  Thanks heaps,
  Joshua

  Hi Sidney,
  I have discovered further problems now that I have added the login and password fields to the webform.
  1. The webform did not update with the new fields when I went in to customise it. So I had to reset the form to original setup and lose all of the extra coding done on the form including:
  a. javascript to set an expiry date for access to the secure zone
  b. coding to the amount field so that it could not be changed
  c. Zip to postcode and Cell to mobile phone labels
  d. other fields marked as hidden
  Below are screen shots to show that I added the password and login fields but they were not in the webform when I went in to edit it.
  Not good.
  Also, the javascript checking on the required fields for the forms are not working.
  And finally, when testing the form and adding a username and password, the person was subscribed to the secure zone, but the welcome secure zone subscription email giving them the user name and password still did not trigger.
  and
  they were subscribed with a different username, not the one on the form.
  So bottom line, webforms seem to be a bit broken at the moment. Is that the case? I have given up on doing the secure zone subscription from the forms now, and will tell the client it can't be done at the moment.
  I still need to get the javascript checking working on the forms though, and remember submitting a question about that a while ago. Looks like it is still a problem.
  Here is the screen showing that I added the new fields to the form and saved it.
  Here is the web form editor screen - with the new fields not there!

• Switching between https secure zone to http domain

  Hi,
  I'd like to know what the best way to link back to a non secure zone http domain from a secure https (worldsecuresystems.com) domain. I've seen a few articles on this subject and tried a few different approaches, but nothing that I've read/tried seems to work completely. I've tried using the full path by adding {module_defaulturl} to links e.g. <a href="{module_defaulturl}/contact.html">Contact</a> and I've tried adding a content holder e.g.<a href='/{module_contentholder name="_Template - Default Domain Host"}/about.html'>About</a>, where the host/path is added to the content holder. I've also tried using the full path hardcoded. All three approaches work for navigating between/from https to http domains, so far so good.
  However, whereas this full path approach works to enable linking within the website, the links no longer work within the Visual Editor (ICE). It appears the ICE will not work with full path links. Does anyone know of a way around this, or know of a better approach to setting up links between https and http domains? I'm thinking of using javascript to add the full path to links when the page loads whilst on a secure domain so that the script doesn't run in the ICE. But is there a better/simpler way?
  Regards, Mark.

  Thanks for the suggestion although getting to the solution requires a subscription to their service. But your suggestion helps because they mention achieving what I want with jquery, so I assume that's the accepted way to go about it. I've already implemented a solution with jquery, I was just trying to see if there was another 'more native' BC way. Cheers