BES analysis wants to run an IE ActiveX control

system · March 12, 2007, 8:07pm

When I try to run a BigFix Analysis using the Analysis tab I get a “Your current security settings prohibit running ActiveX controls on this page” We have a secured IE configuration here and any activeX control needs to be approved before allowing it to run (by putting the GUID of the ActiveX in Group Policy) does anyone know what the ActiveX control is that is trying to run here?

system · March 13, 2007, 10:12am

(imported comment written by jessewk)

Tom,

The ActiveX control is probably for OfficeWebControl. OWC is the plugin used to display graphs.

There is an article here:

http://support.bigfix.com/cgi-bin/kbdirect.pl?id=339

system · March 14, 2007, 12:51am

(imported comment written by Peter_Loer)

Tom,

The other possibility is that your error message is being triggered by the control used to display result summaries on the Analysis Results tab. You might try creating an approval for the following clsid:

classid=“clsid:{AF09DEDF-0ACD-4712-9EC5-114BFD4AC39C}”

Let us know if that seems to work…

system · March 19, 2007, 11:27pm

(imported comment written by TomPF)

I installed Office Web controls 2003 and added the GUID you gave me into HKCU\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Explorer\AllowedControls, but I still get the error popup. I enabled the ActiveX controls and it asks me do I want to run ActiveX contols installed on my computer and I can click on yes. I just need to know what other GUIDS would need to be added to bypass this popup box.

BenKus · March 20, 2007, 6:12am

(imported comment written by BenKus)

Hi TomPF,

Can we try this:

In your BES Console, hit CTRL-ALT-SHIFT-D.
Enable the debug menu.
Then go open the document that gives you the ActiveX warning.
Then right click on the page and go to “View Source”.
See if you can find the ActiveX control GUID in the source.

Ben

BenKus · March 20, 2007, 6:47am

(imported comment written by BenKus)

Hi Tom,

I have just been told by a developer that we create a new guid at runtime and put an object with that guid in the html.

So it looks like you can’t predict what the guid will be… Sorry…

Ben

system · March 23, 2007, 12:41am

(imported comment written by TomPF)

I will need to be more specific where the ActiveX pops up.

I start the BES console

I click on the Analyses tab

I select a single analysis in the list and double-click on it

A box pops up “Microsoft internet Explorer” "Your current security settings prohibit running ActiveX controls on this page. As a result, the page may not display correctly.

I click on OK’ and the analysis does appear on the lower half of the screen.

This is the source of the document:

Get GS_Mcafee Version
Custom Analysis

Description

Click here to deactivate this analysis.

I do not see any GUIDS created, nor any OCX or DLL files being called, but it must be calling one for the message to come up.

system · March 30, 2007, 6:55pm

(imported comment written by TomPF)

Just veriified what Ben Kus stated about the random generation of GUIDs at runtime. Guess there is no solution for me. Oh well.