Adding a site to Trusted Site or Local Intranet

Posted in IIS, Internet Explorer, Windows

Occasionally I need to add a site to the Trusted Sites or Local Intranet Zones on computers.  Group policy is the obvious way to do this but if you put it to Computer Configuration > Administrative Tools > Windows Components > Internet Explorer > Internet Control Panel > Security Page > Site to Zone Assignment List, the zone becomes controlled by the administrator and the end user can’t add sites later. 

In the past I have had to use the IE Customization tool to create a custom package.  Today.. I found a much better way to add sites to zones that can be updated on the fly.  Thank goodness for the registery and GPP.

Basically I am using GPP to drop a registry key down that adds the site to zone.  I have found that the user needs to logoff and back on for it to take effect.

The key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains contains the zone mappings under the enhanced security configuration. Each registry key that is below this key in the registry hierarchy is a Web site domain. Each of these keys has values which indicate the allowed protocol and the zone to which that protocol belongs for the domain. A value of 0×001 indicates the Intranet zone and a value of 0×002 indicates the Trusted sites zone.

http://msdn.microsoft.com/en-us/library/ms537181(v=vs.85).aspx

Works great so far!!

email

Written by , Posted .