iis security: Hi.

I'm moving an intranet based application from a Windows 2000 server (A)
with IIS5 to a newer Windows 2003 server (B) with IIS6. When opening
the application (located on B) with a Windows XP SP2 computer, Internet
Explorer blocks an ActiveX-object on a crucial page claiming it
contains unsafe code.
I've located the code line causing the problem by commenting out lines
in the .js file, and have determined the culprit to be a Tabular Data
Control. The actual line is the one below, where sfilter = "colkey=00".
tableTDC.filter=sfilter;

The code works on B with Windows 2000 SP4 computer, and A with both
OSes.

I've compared the setup in IIS5 with IIS6 without finding any
differences, but I may have overlooked something.

Since the application is on a company intranet with strict policies, it
is not an option to change the security settings in IE.

All help is greatly appreciated as the transition to the new server is
only days away...

Ole Chr. Birkeland

Problem is now solved. In case others searching the forum bump into
similiar problems, I've described the "solution" below.

As I mentioned in the original post, the application is intranet based.
While testing the new webserver, I used (local) IP address to reach the
website (containing the application). Internet Explorer then placed the
website in the 'internet zone', thus blocking the ActiveX component.
By adding the IP address to trusted sites in the intranet zone, the
application works as before.
Since the new website inherits the subdomain from the old website, it
will then be classified as on the intranet.