Dear IE Team, Server Team, and Program Managers,
Hi guys, it’s me again. I have to tell you that I am a huge fan of both Windows server and IE. I use IE8 regularly, and downloaded the IE9 Platform Preview last week, and can’t wait for the beta. Please don’t take the tone of this letter personally. Take it to heart, take it under advisement, take it up the chain of command…but don’t take offence from it. I’m not even sure who is ultimately the owner of IE ESC, but maybe someone will see this and send it to the right folks, for IE ESC is a great example of a good idea poorly executed.
So poorly executed, in fact, that I can’t really believe the folks who picked the default behaviours actually have to use IE on a server. If they did, I’m sure that by now, they would have revised the settings. I mean, in 2003, we learn to go into Control Panel, add/remove, Windows components, and remove IE Enhanced Security (or whatever it was called) before we even tried to run Windows Updates. Really, do you think people would have trashed you for white listing your own updates sites? Well now that I think of it, probably so. I’ll have to give you that one. But in 2008 and 2008R2, we disable IE ESC just as soon as we can get to Server Manager. I mean, seriously, even before I do things like set the time zone, name the server, setup networking…I kill IE ESC. And I feel bad about that, I really do.
And when I say I feel bad about that, I mean, gee, I’m the guy who fought to keep UAC turned on for 2008 servers, and Windows 7 workstations. I even implemented a GPO to keep other admins from turning it off, because I believe in what its trying to do. I wish I could feel the same way about IE ESC, but I can’t. The difference is this. UAC is like a series of speed bumps; they slow you down, sometimes they are a pain in the ass, but ultimately they let you get the job done, just more safely than without. Not IE ESC…it’s like a ROAD CLOSED sign with no advanced warning….you’re driving along, having a grand old time, and then BAM, your stopped cold. Now what? No detour, no work around, no telling it to proceed, just a hard stop.
Oh sure, you can add sites to trusted zones, and then you can proceed, but have you actually tried to do this? I mean, really, gone through all the steps it takes to do this? Have you? Well, for kicks and grins and fodder for this rant, I tried to do just that, and show you what it takes to do this. I tried really really hard to play by the rules, to stick within the bounds of IE ESC to see if I could do so, to see if maybe I was just being too intolerant. Nope, it’s not me, it’s you. Here. Let me show you what I mean. I specifically will NOT turn off any prompts, because I would not want to find myself unaware of anything being blocked for my protection.
I started off with a brand new 2008R2 server build, on VMware ESX. I logged onto the server, to see this.
So I clicked to see solutions that Windows has found, confident that I would be okay.
Okay, so a problem has a solution found…seems an unnecessary extra click, but what the heck…I click the Solution Found.
D’oh! What’d I break??? Oh, nothing, it’s just Windows telling me that it might not trust something Windows is trying to do. Wait, whut? You’re telling me that you are using an executable to launch IE to take me to a Microsoft site, but because you are calling an exe instead of just using a hyperlink, I have to go add it to Trusted Zones? What, you don’t trust yourselves enough? Or you don’t support using an exe to call a webpage? I am confused. Seeing no other option, I click Close.
Wait, again? Oh, no, this time, your telling me that you don’t trust a webpage at Microsoft.com. Well, maybe that is not what you are meaning to tell me, but that is the message you are delivering. So I click close…again. And what to my wondering eyes should appear, but this…
Uhm, couldn’t you have just popped a browser open to this when I clicked the popup in the system tray? Okay, whatever. I click to go online (you mean, I wasn’t online a moment ago when you stopped me from accessing content? Does that mean you don’t trust locally stored files on a fresh install?) to view the KB article.
What the hell? Damn, this thing is already starting to remind me of something else annoying from Microsoft. What is it? Three times already it’s popped up, and all I was doing was following things my own server told me to do to try and solve a problem. Fine, whatever, I just want to get my server deployed, so I hit Close. Again.
Oh for crap’s sake, I don’t have time for this right now. I am thrilled to have IE8, but please, Ask me later.
Okay, hang on, which part of "Ask me later" translates to "open another tab and throw yet another warning about the tab that was just opened without me asking for it?" So I click Close with a little more emphasis on the mouse button than usual. Oh look…
Okay, that IS the same damn message I just clicked Close on. This is no longer funny.
Awesome…that tab I didn’t ask for (actually, I said Ask me later) is so full of win, it has tracking from webtrends.com. Apparently Marketing trusts it, but IE ESC doesn’t. Click Close.
But wait…there’s more! Another something coming from another Microsoft site…but let’s block it just in case. Why? Click Close.
Frak…now I can’t even remember what I was doing to bring me here! Click Close. Oh yeah, there was a VMware KB article back on the other tab. That it was completely NOT an answer to the solution is NOT your fault, so I will not go there here. However, total count of unrequested warnings for just following an operating system prompt…nine. All generated by Microsoft processes or web pages…nothing else.
Changing gears now, let’s go through a basic launch of IE. Launching it from the quick launch gets me the page warning me that IE ESC is enabled. Since this new server is to run Splunk>, I type in www.splunk.com to the address bar, and our old friend pops up.
There is really something naggingly familiar about this. Click Close (that’s one.) That shows me the page. Maybe you don’t like the JavaScript navigation bar or something. I need to download the software, so I click download.
Okay, that’s two. Click Close. Apparently there is a redirect to https, because look what I got next…
And we’re now at three. Click Close.
Hmmm, I guess something is linked using http, because you’re bitching about it again. Click Close and we’re now at four.
And they use Recaptcha on their registration page, so you’re going to protect me from the dangerous inkblots. Thanks for that. Click Close for five.
Well, not sure then what the problem was on the home page, as apparently IE ESC is not enabling JavaScript. Okay, I am still committed to doing the right thing. I trust Splunk>, so I’ll add them to Trusted Sites. That should let everything work. How much effort is required for that?
Click Tools for one. Internet Options for two.
Security tab for three.
Trusted sites for four. Sites for five.
Add the site, click Close, then click OK, so let’s call it eight clicks. F5 to refresh the page and
blammo! Close gets me
for which I click Close once again (what is that, nine, ten? Lost count) just to be able to click the login here link, which gets me this…
Waiting, and waiting, and waiting…okay, I gave it a solid five minutes. It never timed out, it never finished, it just sat there as you see it above.
Okay, that’s it, I’m done. What’s it take to turn this off. Close the browser for one click. Yes, I want to close all tabs for two. Start, administrative tools, Server Manager for three through five. Configure IE ESC for six.
Off for seven, OK for eight, and lo and behold, everything just works. Now I know what IE ESC reminds me of!!! It was there in front of me the whole time!
And that is why we all turn IE ESC off as soon as we build a box.
Please, can we come to some kind of compromise, like maybe "Disable IE ESC for this session" or a button to add a site with one click (I’ll even tolerate a UAC prompt when clicking that) or anything that doesn’t make people turn it off? Please?
Kthxbai!
Ed
Our closing video contains some NSFW audio, and some NSFK* humour.
*not safe for keyboard; do not attempt to drink beverages while viewing.
direct link to video for email and rss subscribers:http://www.youtube.com/watch?v=gjC_0HkLgi8
Too harsh? What about you…do you a) leave IE ESC turned on, b) turn it off, or c) install Chrome?
You might also enjoy:
