I've got several Windows Server 2003 domain member servers which are all setup to be Terminal Services servers. But one of them, for some unknown reason, has a particular problem which doesn't occur in other similar servers. In this server, called TSserver to simplify things, users can't run executable files from other domain member servers' shared folder. To simplify things, let's call "fserver" the file server which contains the exe file in a shared folder. Users in TSserver can't run exe files in \\fserver\some_dir\... They have the same problem even if they map \\fserver\some_dir\ to some drive letter. I've found two solutions: 1. Uninstall "Internet Explorer Enhanced Security Configuration" from "Add/Remove Programs" I suppose there's a good reason Microsoft has to make this thing, so I prefer not to uninstall this. 2. EVERY user has to do the following: a. Open Internet Option > Security tab b. Click Local intranet icon > press Sites button c. Add file://fserver in website field Solution 2 works perfectly, except that every user has to do it. I have more than 50 users. Is it possible to apply this change only once but in a system-wide manner?

Possible one time single solution is to group all servers in same OU and the apply group policy using option 2 that is adding http://fserver as a trusted siteIsaac Oben MCITP:EA, MCSE

I'm not familiar with group policy. Could you give more detail how to do so? On the other hand, why did you say "all servers "?

Hi , Please follow the below steps to add intranet site using GPO,step 1: click Start -> Programs -> Administrative Tools -> Group Policy Management. on the domain controller .step 2 : You need to expand Forest\Domains\<yourdomain( either .net or .local) \Group Policy Objects. Step 3: Right click Group Policy Object and select New to create a New GPO. Step4 : you need to edit the GPO, so right click the new GPO and select Edit. Step5: Under GPO Editor window, expand to User Configuration\Windows Settings\Internet Explorer Maintenance\Security. Step 6: On the right pane, double click Security Zones and Content Ratings. Step 7: Now Under the Security Zones and Privacy, click Import the current security zones and privacy settings. It will prompt you a window, click Continue. step8 : Click Modify Settings. In the Internet Properties page, you can modify the Intranet Zone and click ok.step 9 : Now you need to expand--> User Configuration\Administrative Templates\Internet Explorer. stpe 10: Navigate to IE --> Tools --> Internet Options and based on your requirement you can disable or enable settingsstep 11: open Group Policy Management again /switch back to GPMC and then link the new GPO to the OU / new OU .you need to make sure you run gpupdate on all the clients to get the policy pushed If you are not aware of GPO / domain then you can pass the above steps to the administrator who is managing your domain.

Sainath, Thanks for your reply. I'm lost at step 10 as I can't find any "Internet Options". My domain controller is a Windows Server 2008 while the problem server is a Windows Server 2003. Maybe this is the reason why I don't see the same things (actually, in other steps, I don't find those settings at the same level as you've written, but eg in some deeper levels.) And I'm partially lost in step 11: 1. I want to apply this GPO to the problem server, so I "link" it to the computer instead of OU. Is this correct? 2. I don't know how to *push* the policy to the server.