We have a program tracks what research pages you go to and automatically logs you in to them and writes data to sql server, etc. This part works fine, as long as protected mode is not turned on in IE (as a note we are using IE8).
When protected mode is on you get the following error. “DBISAM Engine Error # 11013 Access denied to table ‘C:\Users\USERNAME\AppData\Local\Temp\8\Low\Filters.dat’
Basically with protected mode on, when IE tries to write to the following location %temp% and it doesn’t have rights. Even though the user does have rights. With protected mode on they can’t edit the files correctly.
Fixed this using AppSense at logs on, so no matter what server they get and no matter what their session id is it will work.
** Side note, on terminal server when you type %temp% you will see the following location C:\Users\USERNAME\Appdata\Local\Temp\SESSIONID, you can turn this off in group policy if you want.
The program we have creates the low folder and puts some files there when IE is launched, but when you try to go to an external page or open a new tab it gives the error. So on login we create the folder %temp%\Low and then run the following script.
Set shell = CreateObject("WScript.Shell") Const strLaunchCmd = "icacls %temp%\low /setintegritylevel (oi)(ci)low" Set objExec = shell.Exec(strLaunchCmd)
After we set this up, we no longer had the error message. We were able to keep protected mode turned on for IE and didn’t have to wait on the vendor to fix the problem.