This is Vinod from the IE team and I would like to share an informative concept about the IE Enhanced security feature which I discovered.
Scenario: User of a Terminal Server, still getting a Warning even after the administrator disabled it via Server Manager or Script.
In the Terminal Server environment we have a concept called Terminal Services Shadowing.
On a terminal server, whenever applications are installed, it first writes the new application registry entries to the HKEY_CURRENT_USER\Software registry location. At the same time, to ensure that these new entries are available for all the users on the terminal server, the new registry entries are propagated to another location in the registry called the shadow region:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap] – IEHarden
If you turn off the IE Enhanced Security from the UI or run the batch file, it will remove the settings from various other locations but not from the Shadow region.
You might get various symptoms like the once below:
Sample prompts that we can get:
In all these scenarios if it is a Terminal server and if you have enabled shadowing, it is worth to verify whether the issue is actually caused by IE enhanced security or not.
This will be a good start for troubleshooting to isolate if the issue is happening because of IE Enhanced security or not.
Note: The update batch file is available from the following blog article ">How to disable IE Enhanced Security on Windows 2003 & Windows 2008 Server silently?"
The IE Support Team