User gets security prompt moving files within mapped drive

James Edmonds 831 Reputation points
2021-12-17T14:27:29.02+00:00

Hi,

We have a mapped drive deployed to all users from a single file server.

One of our users within the last couple of days has started getting the below security prompt when moving files within the mapped drive on their Windows 10 machine:
158614-image.png

I have seen online people talking about adding the file server DNS name to the local intranet zone, but this seems daft as it is only affecting one user and was fine before.
Can anyone offer any suggestions on why this may have just started happening out of the blue for only one user?

Many thanks
James

Windows for business | Windows Client for IT Pros | Devices and deployment | Configure application groups
Windows for business | Windows Client for IT Pros | User experience | Other
0 comments No comments
{count} votes

6 answers

Sort by: Most helpful
  1. Reza-Ameri 17,341 Reputation points Volunteer Moderator
    2021-12-17T15:48:52.017+00:00

    In case it only affect one user, it is recommended to check the Event Viewer for the time the user want to access and see if there is any relevant log files there?
    Try update the user's system and in case it is domain-join device, try disconnect and reconnect it.
    You may try remove and recreate the mapped drive too.


  2. Limitless Technology 39,926 Reputation points
    2021-12-20T14:16:42.903+00:00

    Hello @James Edmonds

    You can control this with Group Policy, as well. Use gpedit.msc and drill down to

    User Configuration → Policies → Administrative Templates → Windows Components → Internet Explorer → Internet Control Panel → Security Page

    Enable "Intranet Zone Template" with the Low option.

    Then enable "Site to Zone Assignment List" and use the Show button to add your "sites" (servername, servername.domain, ipaddress - the values you enter depend on what name or IP you use to access the share) with a value of 1.

    Lastly - and this is the most important step - drill down one folder in gpedit to "Intranet Zone" and enable for "Show security warning for potentially unsafe files", choosing Enable from the drop-down.

    Close gpedit, reboot or run gpupdate /force and enjoy no more annoying Windows Security dialogues!

    Hope this helps with your query,

    -----------

    --If the reply is helpful, please Upvote and Accept as answer--


  3. James Edmonds 831 Reputation points
    2022-03-10T15:21:33.807+00:00

    Can't recall if someone asked about offline files, but this did seem to be enabled for the user.
    We disabled this, and everything seemed to be ok after that.

    0 comments No comments

  4. James Edmonds 831 Reputation points
    2022-09-02T12:59:44.267+00:00

    Hi,

    Our user is having this issue again, but Offline Files is still disabled for them, so not the cause on this occasion.
    The dumb thing is, dragging and dropping the file from one folder in the shared drive to another, causes the security prompt, but if they cut and paste they do not get a security prompt.

    Can anyone offer any other suggestions on why this user specifically, may have started getting this behaviour again after 0 changes in this regard on their machine or group policy etc.

    Many thanks
    James

    0 comments No comments

  5. MotoX80 36,291 Reputation points
    2022-09-02T13:51:41.047+00:00

    Can anyone offer any other suggestions

    See if there are any alternate data streams on the files. Pick one subfolder to test with.

    237288-image.png

    You can use "dir /r" or the streams utility to display their existence.

    https://learn.microsoft.com/en-us/sysinternals/downloads/streams

    C:\Users\madne\Downloads>dir /R  
     Volume in drive C is OS  
     Volume Serial Number is 36C0-6121  
      
     Directory of C:\Users\madne\Downloads  
      
    08/26/2022  02:20 PM    <DIR>          .  
    08/19/2022  09:21 AM    <DIR>          ..  
    07/08/2022  10:17 PM               932 Gpedit-Enabler-for-Windows-11.bat  
                                         7 Gpedit-Enabler-for-Windows-11.bat:SmartScreen:$DATA  
    08/15/2022  12:32 PM            49,978 hotkey-detective-1.0.0.zip  
                                       663 hotkey-detective-1.0.0.zip:Zone.Identifier:$DATA  
    07/08/2022  10:44 PM               879 List.txt  
    05/19/2022  08:37 PM        20,490,887 Windows_PowerShell_TFM-4ed_FREE_Book.pdf  
                                       157 Windows_PowerShell_TFM-4ed_FREE_Book.pdf:Zone.Identifier:$DATA  
                   4 File(s)     20,542,676 bytes  
                   2 Dir(s)  570,990,989,312 bytes free  
      
    C:\Users\madne\Downloads>streams *  
      
    streams v1.60 - Reveal NTFS alternate streams.  
    Copyright (C) 2005-2016 Mark Russinovich  
    Sysinternals - www.sysinternals.com  
      
    C:\Users\madne\Downloads\Gpedit-Enabler-for-Windows-11.bat:  
         :SmartScreen:$DATA 7  
    C:\Users\madne\Downloads\hotkey-detective-1.0.0.zip:  
       :Zone.Identifier:$DATA       663  
    C:\Users\madne\Downloads\Windows_PowerShell_TFM-4ed_FREE_Book.pdf:  
       :Zone.Identifier:$DATA       157  
      
    C:\Users\madne\Downloads>  
    

    You can delete them with the -d switch.

    C:\Users\madne\Downloads>streams -d *  
      
    streams v1.60 - Reveal NTFS alternate streams.  
    Copyright (C) 2005-2016 Mark Russinovich  
    Sysinternals - www.sysinternals.com  
      
    C:\Users\madne\Downloads\Gpedit-Enabler-for-Windows-11.bat:  
       Deleted :SmartScreen:$DATA  
    C:\Users\madne\Downloads\hotkey-detective-1.0.0.zip:  
       Deleted :Zone.Identifier:$DATA  
    C:\Users\madne\Downloads\Windows_PowerShell_TFM-4ed_FREE_Book.pdf:  
       Deleted :Zone.Identifier:$DATA  
      
    

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.