By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
448,784 Members | 1,182 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 448,784 IT Pros & Developers. It's quick & easy.

Windows Server 2003 Intranet vs Internet Zones with 2.0 Framework

P: n/a
I'm posting this here as I first found the issue trying to run a 2.0
Framework app on a 2003 server.

Background
--------------
We utilize a strong name policy sent to all XP machines using group policy.
This policy allows us to trust our applications that run from an application
server as opposed to having to set the applications up locally on every XP
box. We were trying to run an application on a Windows 2003 server from an
application server and received the following error in event viewer.

Source: .NET Runtime 2.0 Error etc. etc.
P9 system.security.security
....

This led me to believe there was an issue with the strong name policy.
After getting disgusted at not having mscorcfg for the 2.0 framework and too
stuborn to install the SDK just for that, I resorted to using caspol.exe to
verify the policy was in place. Everything looked fine. Again the policy
was set up in the LocalIntranet_Zone.

Leaving early for snow and sleeping on it, I came in this morning with new
resolve and created a single WinForms app signed with our strong key. Upon
running this on the Win2k3 server, I found that the application launched with
the following in the caption of the form: "Internet - Form1 - AppServerName".

Additionally, if I place my pointer over the control box, I get the
additional message stating a MS .NET Security Warning to never enter personal
information in a window whose source is not verified. It also showed the
source being the application server.

This is all fine but why in the world is Win2k3 treating this as Internet
Zone? Why would there be a difference between the two? Am I going to have
to set up a separate strong name policy for Win2k3 servers to allow our
strong name on the Internet zone? That seems riskier than if the server
still treated the app server as being on the Intranet zone.

We have a highly streamlined process for application distribution without
having to install anything locally on the machines. This throws a wrench
into the works.

Any comments? Questions? Snide Remarks? Would the best recourse be to
trust the application server itself? Do I need to resign myself to having to
install applications locally on Win2k3 servers?

Thanks for your input.

Dec 6 '05 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.