Configuration for using Internet Explorer |
This section displays the configurations that must be performed in the workstations that will use one or more SE Suite components. It is possible to perform these configurations automatically through GPO configurations.
Safe Sites
Automatic Mode (GPO)
1.Open Group Policy Management and access "User Configuration Administrative Templates Windows Components Internet Explorer Internet Control Panel Security Page".
2.On "Site to Zone Assignment List", switch to "Enable".
3.Click on "Show" and on "Add".
4.Type the URL to access SE Suite in the first line. For example, https://sesuite.softexpert.com.
5.Type 2 in the second line and click on "OK" to finish.
6.Open "Group Policy Management" and access "User Configuration Administrative Templates Windows Components Internet Explorer Internet Control Panel Security Page".
7.On "Site to Zone Template", switch to "Enable".
8.On "Options", switch "Trusted Sites" to "Low".
9.Click on "OK" to finish.
Manual mode1.Open Internet Explorer and access the SE Suite login screen.
2.Access "Tools Internet Options".
3.On the "Security" tab, select "Trusted sites".
4.On "Security level for this zone", switch to "Medium-low".
5.Click on "Sites";
6.On "Add this website to the zone", click on "Add".
7.Click on "Close" and on "OK" to finish.
Compatibility ModeFrom version 2.0 onwards, the compatibility mode must be disabled for the system access URL. If you used SE Suite in a previous version, follow the steps below to disable it:
Automatic Mode (GPO)1.Open "Group Policy Management" and access "User Configuration Administrative Templates Windows Components Internet Explorer Compatibility View".
2.Double-click on "Use Policy List of Internet Explorer 7 sites" and click on "Show".
3.Check if the system access URL is on the list. If so, remove the line.
4.Click on "OK" to finish.
Manual mode
1.Open Internet Explorer and access "Tools Compatibility View settings".
2.On "Websites you're added to Compatibility View", locate the system access URL and click on "Remove".
3.Click on "Close" to finish.
Java SecurityJava performs a connection with the certification body to confirm the validity of the HTTPS certificate. When the workstation does not have access to the internet, the execution of java programs may be slow. To fix that, follow the guidelines below:
1.Clear in the proxy the access of the workstations to the following URLs: http://crl.comodoca.com/COMODORSADomainValidationSecureServerCA.crl http://crt.comodoca.com/COMODORSADomainValidationSecureServerCA.crt
2.If it is not possible to clear the proxy, configure Java not to try to verify the certificate. See below how to perform this operation.
Automatic Mode (GPO)1.Create a ".bat" file with the following commands:
Note: Replace sesuite.softexpert.com with the URL to access SE Suite.
2.Open "Group Policy Management" and access "User Configuration Windows Settings Scripts (Login/Logoff)".
3.Double-click on "Logon" and click on "Add".
4.Click on browse and then select the previously created .bat file:
5.Click on "OK" to finish.
Manual mode1.Go to "Star Menu Run".
2.Type in "javaws -viewer" and click on "OK".
3.On the "Security" tab, switch to "High".
4.Click on "Edit Site List" and add the URL to access SE Suite:
5.Click on "OK".
6.Access the "Advanced" tab and check the options: ▪Mixed code (sandbox vs. Trusted) security verification Disable verification ▪Perform signed code certificate revogation checks on Do not check ▪Perform TLS certificate revogation checks on Do not check
7.Click on "OK" to finish.
Security RecommendationsTo avoid the proxy and antivirus blocking parts of the system or slowing down access, we request the system access URL to be configured as an exception in the proxy (bypass) and the ".jar" files to be configured as exceptions in the antivirus. Automatic cleaning routines of the user "temp" may also cause the first access to be slow. |