Windows Server - Need to configure Group Policy to allow CMD scripts to run without throwing the warning "The publisher could not be verified"

Asked By Spin on 23-Apr-08 05:13 PM
Gurus,

Running Windows Server 2003 SP2 in a single Active Directory domain (Lab
environment).  I have a group policy enabled and set at the domain level for
many things to make life easier in a Lab environment.  I need to be able to
run CMD scripts without them throwing an initial security prompt on screen
which states "The publisher could not be verified.  Are you sure you want to
run this software?" How can I accomplish this using Group Policy?

--
Spin




Roger Abell [MVP] replied on 26-Apr-08 10:53 AM
Spin,
Did/Do the cmd files originate on a different machine than the one
where they are being executed and this is happening?
It sounds as if you are just encountering the popup about running a
file that has come from a machine in a different internet zone, but
you could be running into things from software restriction policy
if you have been toying there.  If it is just the cmd coming from a
different internet zone, then the behavior is controlled by the
internet security options (that you can access on tools menu within
IE - yes it does apply to more than just IE usage).  A common
scenario is a file originating on a machine that is not recognized
as being within the local intranet zone due to different DNS domain,
or changes to the settings of the intranet zone which in the install
default will not cause prompting upon execution.
Roger
Herb Martin replied on 26-Apr-08 06:27 PM
That is NOT likely coming from the Script itself, but from some program
you are calling withing that script.

List out everything you are running from the script....