This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 10%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENS%3C/text%3E%3C/svg%3E)
I have an Azure Files share that is accessed by an AVD host pool via a private connector. The share is mapped to a drive letter via GPO. When I open word and excel files that exist in the share I get the warning that this file is from the internet and could be unsafe.
Is there a way to prevent this? I don't want to set the drive as a trusted source because that will then bypass my macro rules to only run signed macros.
Thanks
This behavior is not exclusive to Azure Files and applies to all network shares. I have added the office-itpro tag so experts from that are are able to chime in. Since you don't want to add the drive as a trusted source, I don't believe alternatives exist.
Thanks for your response Deherman.
I don't see this behaviour on any of my on-prem shares.
For anyone else with this problem I've managed to solve it.
You will need a domain joined file server upon which you need to install the feature DFS Namespaces (under File and storage services, File and iSCSI services)
Then you will need to modify the registry to enable the feature you need. Here is some PS to add the required keys.
New-Item `
-Type Registry `
HKLM:SYSTEM\CurrentControlSet\Services\Dfs
New-Item `
-Type Registry `
HKLM:SYSTEM\CurrentControlSet\Services\Dfs\Parameters
New-Item `
-Type Registry `
HKLM:SYSTEM\CurrentControlSet\Services\Dfs\Parameters\Replicated
New-ItemProperty `
HKLM:SYSTEM\CurrentControlSet\Services\Dfs\Parameters\Replicated `
ServerConsolidationRetry -Value 1
Then, using the DFS Management snapin in MMC you add a new namespace.
For the server you enter the name of the server on which DFS installed.
For the namespace name can either add the name of the server running DFS or, if you have an on-prem file server you're looking to replace, the name of that (as long as the actual file server is off and you've pointed an A record at this server with the old file servers name in your DNS server) but you must prepend a # to the name, so for example #SRVFILE01
This only works with standalone namespace, so select that, then click create. Once the namespace has been created you can add a new folder. The name will be the share the user sees, then under folder targets, add the path to your Azure file share.
Once this has all been done, users can browse to the file share at the server name you entered with the prepended # and Microsoft Office will not complain about it being an internet location.
Hi @Nick Sutton ,
Wow, thanks for your sharing.
Hi @Nick Sutton
Files from the Internet and from other potentially unsafe locations that may contain viruses, worms, or other kinds of malware that can harm your computer. For some security reasons, that protect your computer, files from these potentially unsafe locations are opened as read only or in Protected View, then you will find the message warning that this file is from the internet and could be unsafe.
This behavior is by design, for more information, you can refer to "What is Protected View?". To eidt this file, you can click Enable Editing on the Message Bar.
If conditions permit, you can try to disable Protected View for files originating from the Internet in Trust Center Settings as the file's source and content are trusted by you.
Thanks for your understanding.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Thanks for your help Emily.
I understand the reasons behind protected view and agree with them. However, these documents are created by my users and stored on a file share that is within our network. I was hoping that documents generated by us and stored on an Azure file share that is only accessible by a private connector would not have this warning.
Thanks again
Hi @Nick Sutton
Thanks for your reply.
This feature is designed from a security perspective, I am unable to let files from Azure file share which is only accessible by a private connector not receive such security message from Office.
It is recommended that you submit this suggestion to the Microsoft Feedback Forum.
Thank you for your understanding.