Article ID: 816464 - View products that this article applies to.
By default, Microsoft Internet Explorer Enhanced Security Configuration (ESC) is enabled in Windows Server 2003. However, Internet Explorer ESC is not enabled by default for Terminal Services if Terminal Services are installed by an unattended installation.
To enable Internet Explorer ESC for administrators or for users who browse while they are logged on to a Terminal Services session, you must specify IEHardenAdmin or IEHardenUser in the [Components] section of the unattend answer file.
When you specify TSEnable = ON in the [Components] section, Terminal Services automatically defaults to hard (IEHardenAdmin = ON) for administrators and soft (IEHardenUser = OFF) for users when Internet Explorer settings are not specified. If Internet Explorer settings are specified in the [Components] section, Terminal Services follow the settings.
[Components]For more information about security settings in Internet Explorer, see the online Help for Internet Explorer ESC on a computer that is running Windows Server 2003:
TerminalServer = On
IEHardenUser = ON|OFF
IEHardenAdmin = ON|OFF
For more information, see the Microsoft Windows Preinstallation Reference Help file (Ref.chm) on the Windows Server 2003 CD. This file is located at:
For additional information about creating an unattend answer file, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/323438/EN-US/ )HOW TO: Use Setup Manager to Create an Answer File in Windows Server 2003