Archive for the ‘Internet Explorer’ Category

Failed to download this file. Error code 0x800C0008

Friday, January 6th, 2017

One of our services gave an odd error. External user would attempt to access it and they would get an error about a configuration file not downloading.

The part of the error message that interested me was:

Failed to download this file. Error code 0x800C0008

What was odd was the service worked inside the firewall.

I thought it was browser related and checked the Net.

I tried the suggested registry change:

  1. Start Registry Editor.
  2. For a per-user setting, locate the following registry key:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings

    For a per-computer setting, locate the following registry key:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
  3. On the Edit menu, click Add Value, and then add the following value:
    BypassSSLNoCacheCheck“=Dword:00000001
  4. Exit Registry Editor.

This did not need a reboot and the change worked.

To add more “oddness” the service started working before the affected users made the change.

Hmmmmmm?  Network people or Security people?

Advertisements

Missing Internet Settings GPO for Internet Explorer 11

Tuesday, April 14th, 2015

I had a request for a server running a tool to allow users to access it via Citrix and not have to enter the URL into the trusted sites.

With old versions of IE, you would simply modify the local GPO for Internet Settings. To my surprise, this was gone. It seems Microsoft decided to favor Global Policies starting with version 10 for such issues. It makes sense when it involves many systems; but It seems overkill for one system. I do not have access to the Domain Controllers so my choices were rather limited.

I decided to play around with the registry and found this could be accomplished by creating a couple keys and dwords.

Using regedit, I drilled down to : HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Internet Settings\ZoneMap

I created a new key called: EscDomains and inside that another key for the ServerName

This is used when enhanced security is enabled for IE.

Inside this key, I created two new DWORDS :   http and https and set both to 2 which signifies Trusted Site.

Not knowing why Enhanced Security was in use for this server, I decide to create a couple more entries in case somebody decided to disable it.

The two new keys went in the ZoneMap\Domains:   company.com\servername

Obviously you change that to your domain name and the name of the server.

Inside the servername key I created the same two dwords as before.

After that I tested the access and the users could get the login screen without modifying IE.

Granted not the best solution and caution should be used but it solved my issue.

Information used to research this:

MSDN Inhanced Security Zones

ServerFault post

Spiceworks

thesysadmins