Novell Cool Solutions

Controlling the Installation of ActiveX Components



February 3, 2006 12:00 am





Winnt-2000-XP, Internet Explorer.

PROBLEM: Users assigned a normal user policy in Windows can’t download and install ActiveX components.
As the administrator you have to go to the workstation, logon as an Administrator go to the webpage and let the ActiveX component install itself.

SOLUTION: To enable normal users to download and install ActiveX components from websites, just give read, write & execute rights to the “C:\WINNT\Downloaded Program Files” folder. This is the place where Internet Explorer downloads the .ocx etc.

In the ZENworks User Policy you can edit the Dynamic Local User policy and add the directory to the list and give the three rights to it.

To stop users from downloading all kinds of ActiveX spyware etc., components, just go in ZENworks to the Windows group policy editor and disable the possibility to download any ActiveX components from the “Internet Zone.”
To enable the installing ActiveX from any webpage, just add them to the “Trusted site zone.”

This way, with ZENworks you can easily control which webpages (intranet or internet) may install ActiveX components.

If you have any questions you may contact Dario at

0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
You need to be a registered member to rate this post.

Categories: Uncategorized


Disclaimer: This content is not supported by Novell. It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test it thoroughly before using it in a production environment.