How to show the ActiveX Yellow bar?

I'm try开发者_如何学JAVAing to set up a webpage that downloads the OCX and installs it with the user permission when the user right click in the yellow bar

Note: it's a business app and I know... IE, but 95% of company customers use it and it's easy for us to move from Windows > OCX first and then to full WebService

What I did was create a cab file with:

- eds.cab (signed with an SSL certificate)
     |--- EDS.ocx
     |--- setup.inf

the setup.inf has this code:

[version]
signature="$CHICAGO$"

[Add.Code]
EDS.ocx=EDS.ocx

[EDS.ocx]
file-win32-x86=thiscab
clsid={8EC68701-329D-4567-BCB5-9EE4BA43D358}
FileVersion=3,5,0,150
RegisterServer=yes

and then the webpage contains the tag like this:

<object 
    id="ActiveX" 
    classid="CLSID:8EC68701-329D-4567-BCB5-9EE4BA43D358" 
    width="14" 
    height="14" 
    codebase="http://localhost/EDS.Webservice/EDS.cab#version=3,5,0,150">
    <param name="tabName" value="Stop:http://localhost/EDS.Webservice/" />
</object>

and they I navigate to the http://localhost/EDS.Webservice/

The issue is that I do not get that yellow bar, just the ACL asking me to accept it.

Does anyone know what I could have been missing?

It only shows the ACL message on Windows 7, never the yellow bar first like, Flash plugin... :-(

added

What we are after:

Thank you.

Added

Internet Explorer Settings are as Default, both Security on Advanced Tab as well Trust Domains

Maybe the problem is in absent Deployment section. Try to modify your .inf file:

[version]
signature="$CHICAGO$"
AdvancedINF=2.0

[Add.Code]
EDS.ocx=EDS.ocx

[Deployment] 
InstallScope=user|machine

[EDS.ocx]
file-win32-x86=thiscab
clsid={8EC68701-329D-4567-BCB5-9EE4BA43D358}
FileVersion=3,5,0,150
RegisterServer=yes

Where are you serving your page from? If it's from localhost/inside the local network, it will have a different security policy applied - even with all settings as default. Try publishing it to an external server and see what happens (or failing that, change the settings for "trusted" site to be the same as "internet")

You should also check what's happening with regards to signing of the component - does your object have a certificate that's trusted by your domain/pc setup?

You need to nail IE settings and then talk to domain admin(s) to push it as a policy. Yellow bar is for apps that are considered untrusted and you want your app to be considered fully trusted on client boxes - you just want IE settings tweaked to that it shows yellow bar for all apps - even those totally signed and trusted and coming from local/corp net.