When an ActiveX control is digitally signed, and you use PolicyPak Least Privilege Manager to deliver a rule to enable the ActiveX install, Internet Explorer (or IE mode in Edge) will permit the install. Here’s an example of a rule where the item has a rule for the URL and for the Signature.
Again: When your ActiveX items are signed, you should have no problem.
However, if you attempt an ActiveX rule where there the ActiveX item is not signed (see below)…
You will get an experience like this…
To overcome this, you need to DECREASE the security for Internet Explorer. You will do this with Group Policy or PolicyPak Cloud.
Go to User (or Computer) Admin templates | Windows Components | Internet Explorer | Internet Control Panel
Then locate pick the Trusted Sites Zone.
Warning: Note that you are explicitly telling Internet Explorer to REDUCE the security here to enable your UNISGNED ActiveX control to be installed.
Lastly, you have to add the site to be trusted. You have a few options on how to perform this:
The goal is to get IE to recognize the URL to get into the Trusted Zone like this. (This is the RESULT of performing Option 1, Option 2 or Option 3 above.)