Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Only Administrators can see Internet Explorer popup windows.

Status
Not open for further replies.
dwilson1976

dwilson1976

Programmer
Apr 26, 2001
16
0
0
US
Small business server 2003. I have given users the right to "log on locally" as well as administrators.

When a user uses internet explorer on the server, no popup windows appear (which we need for an intranet site). When an administrator is logged in, the popups appear fine. This is extra annoying because things like the "Find on page" dialog will not appear, either.

I first thought that this was due to Internet Explorer's new security configuration, so I uninstalled that for both users and Admin, but that did not work.


Help?
 
Sort by date Sort by votes
Ever been near suicidal over an issue which makes no freaking sense? help?
 
Upvote 0 Downvote
Do you know if the site that you are using is Java? It could be a problem with the Microsoft VM. Have you changed any of the Intranet settings (hope you have identified the site as an Intranet site) within IE to test the problem with Java related apps?
 
Upvote 0 Downvote
Thanks for the reply, but nope, no java. It is simple "window.open" javascript.

To test, I took the user accounts and gave them administrative privileges, and pop ups worked again. Of course, I can't leave things this way.

I also removed the "Advanced Security" from both the users and administrators groups on the server add/remove components. Still no go.

I added the site to the "Intranet" security zone in IE, and I set the "Intranet" on the minimum possible security options, too.

I tried to reinstall IE (out of frustration), but found that it cannot be reinstalled in the same manner as on XP, so I left it alone. I obviously don't think this would make a difference, anyway.

What it seems to me is, turning off the advanced security configuration for users does not work the way it should.

Please help. My girlfriend will bake you cookies if you do!!
 
Upvote 0 Downvote
I'm not sure about this...but you may want to explain the situation better.

Are you saying that you allow users to logon to the server locally?

"I have given users the right to "log on locally" as well as administrators."

So users are walking up to the one server and logging on locally? Or are they accessing this server through terminal services?

Explain the issue regarding "Find on page dialog will not appear"...

When the user tries to locate the find on page, can they "see" it? Or is it that the users click on find on page and can not perform a search?

I almost sounds like there is a policy that is restricting users from performing certain tasks on the server. The aministrator does not have this problem because he has full rights. I would add a user to the admin group as a test to see if this resolves the problem. Then I would start testing ...the minimum group that I could add the user to in order to get the web page to function properly.

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please check out (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
Jpoandl:

Thanks for the message!

A little background... I have written an ASP.NET application targeted at Internet Explorer which serves as general business management software for a company with several locations. Up until recently, the application was hosted on an XP desktop, but the IIS user throttling, security concerns, and my eternal love for HTTP compression dictated we upgrade to a server OS. I installed a small business server 2003. Now, in the main location, there is a domain with the SBS and 2 client computers. Several remote locations access the management software over HTTPS, too, but they are irrelevant to this problem.

The problem is that the client wants to be able to use the server in a limited fashion solely for this application. It is their attempt to save the $1000 or so dollar expense of putting in an additional computer just to use internet explorer.

In order to facilitate this, I went to

Under "Default Domain Controller Security Settings - > User Rights Assignment -> Allow Log On Locally"
Under "Default Domain Controller Security Settings - > User Rights Assignment -> Allow Log On Through Terminal Services"

and added the "Users" group. I did this with the Terminal Services also as a test. I discovered that both Terminal Services and local logon have the same problem, FYI.

The problem is, whenever a JavaScript "window.open" is used in my Internet Explorer based application it does not open. The popup windows are called in an onclick event of button elements, but nothing happens. This issue only occurs on the SBS, not on the XP Pro computers in the network.

Also, any Internet explorer feature which would open another window does not work. For instance, "View Source," and "Find On This Page" both do nothing.

I have turned off "Enhanced Security" for both users and administrators in the SBS "Add/Remove" section.
I have added the applications home address as an "Intranet" site on all computers and all users.
I have lowered the "Intranet" security options to the minimal levels on all computers and all users.

None of this makes a difference.

I also have been testing this problem on the rest of the internet to see what other odd behavior would come up. In many, many places I get "Library Not Registered" errors. For instance, generates one on this line:

if (!hp.isHomePage(' {document.write("<p><a href=\"/mgyhp.html\" onClick=\"style.behavior='url(#default#homepage)';setHomePage(' Google Your Homepage!</a>");}

Obviously this is some kind of a security setting on the server, but I can't find it identified anywhere in the documentation. I have turned off all of the security "features" I know about...
 
Upvote 0 Downvote
Then I would start testing ...the minimum group that I could add the user to in order to get the web page to function properly. "

I added the user to every group excluding Administrators and the popups did not work.

I added the user to Administrator and they worked.

 
Upvote 0 Downvote
OK I SOLVED IT... so to the lucky ones who goggled this thread you get to save the pain. Thanks everyone for the help.

The problem was that giving users "local logon" rights did not give them the rights to the HKEY_CLASSES_ROOT registry folder. So, some of the DLL needed for IE to run properly were not being registered.

I added the domain users with permission to that registry folder and now everything is ok.

I isolated the problem by installing ThinBrowser, which is IE based. It gave me a specific error message (thank god) regarding an inability to access the registry...

 
Upvote 0 Downvote
cool...glad you got the problem fixed...pretty tough one.

Joseph L. Poandl
MCSE 2003

If your company is in need of experts to examine technical problems/solutions, please check out (Sales@njcomputernetworks.com)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Aquiles Vidal
  • Locked
  • Question
Web Browsers in Windows Server or Terminal Server
Replies
0
Views
225
Aquiles Vidal
Aquiles Vidal
microsGuy16
  • Locked
  • Question
Can not copy files to Mapped drive
Replies
0
Views
197
microsGuy16
microsGuy16
rzammit82
  • Locked
  • Question
Windows Server 2016 - DNS/AD problem
Replies
1
Views
245
suncit
suncit
antonio_dsanchez
  • Locked
  • Question
post-installation WSUS windows server 2016
Replies
0
Views
191
antonio_dsanchez
antonio_dsanchez
nukeinfer
  • Locked
  • Question
Internet restrictions for isolated PCs in the Network
Replies
1
Views
168
mangentle
mangentle

Part and Inventory Search

Sponsor

Back
Top