You are currently offline, waiting for your internet to reconnect

Internet Explorer Enhanced Security Configuration Is Not Enabled When You Use an Unattended Installation to Install Terminal Services

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

By default, Microsoft Internet Explorer Enhanced Security Configuration (ESC) is enabled in Windows Server 2003. However, Internet Explorer ESC is not enabled by default for Terminal Services if Terminal Services are installed by an unattended installation.
To enable Internet Explorer ESC for administrators or for users who browse while they are logged on to a Terminal Services session, you must specify IEHardenAdmin or IEHardenUser in the [Components] section of the unattend answer file.

When you specify TSEnable = ON in the [Components] section, Terminal Services automatically defaults to hard (IEHardenAdmin = ON) for administrators and soft (IEHardenUser = OFF) for users when Internet Explorer settings are not specified. If Internet Explorer settings are specified in the [Components] section, Terminal Services follow the settings.
TerminalServer = On
IEHardenUser = ON|OFF
IEHardenAdmin = ON|OFF
For more information about security settings in Internet Explorer, see the online Help for Internet Explorer ESC on a computer that is running Windows Server 2003:
  1. Start Internet Explorer.
  2. Click Help.
  3. Click Enhanced Security Configuration.
The online Help includes instructions for changing the security settings in Internet Explorer. To change these settings, you must log on as a member of the Administrators group on the computer where you want to change settings.

For more information, see the Microsoft Windows Preinstallation Reference Help file (Ref.chm) on the Windows Server 2003 CD. This file is located at:

For additional information about creating an unattend answer file, click the following article number to view the article in the Microsoft Knowledge Base:
323438 HOW TO: Use Setup Manager to Create an Answer File in Windows Server 2003

Article ID: 816464 - Last Review: 02/20/2007 21:40:50 - Revision: 3.3

Microsoft Windows Server 2003, Standard Edition (32-bit x86)

  • kbinfo KB816464