A company is rewriting a piece of business software as a web application for clients lacking the server capabilities to host the current version. The web version would use an ActiveX control. They have informally talked to me about the project and are asking about typical Internet Explorer security policies on corporate networks. If the Internet security setting is High or customised to block them, ActiveX controls will pose problems. Medium is OK as the control is signed.
Would any of you corporate net admins care to say what level you set IE security to on users’ computers? Do you let users modify these settings?
Thanks
Bear in mind too that if the users are not running as “admin” they won’t be able to install Active-X controls. This is rarely an issue, though, as, unfortunately, most users habitually run as “admin”.
Thanks for that. So, with most of you tending to block ActiveX controls by default, do you have any procedure to let users run them if necessarily, or is it just tough luck?
Thanks for that. So, with most of you tending to block ActiveX controls by default, do you have any procedure to let users run them if necessary, or is it just tough luck?
How would you go about allowing a particular control to be run?
One idea we were thinking of was to ask admins to add the relevant server to Internet Explorer’s list of trusted sites. Is that the sort of thing that would be convenient to do for multiple computers on the network?
Puggyfish, are you talking about running this application over the internet or on a company intranet (behind a firewall)? The answer to this may well influence the IT bigwigs in their decision.
Primarily this question is about an internet version. The existing version is an intranet version as such, although it may be rewritten to share more components with the internet version and may need to consider similar problems.
As you say, this difference affects security issues, but the problems are expected to be smaller with the intranet version. Hence, this thread is looking to tackle the difficult version first.
So, has anyone got any standard procedures for allowing ActiveX controls to be run from the Internet on their corporate network?