Solved

Advanced IE Settings available for change by Group Policy?

Posted on 2006-11-08
2
3,123 Views
Last Modified: 2010-08-05
Hello -

I have a specific application that requires a change to IE to work correctly. Before I get stuck applying this change to 85 computers manually, does anyone know if this setting can be manipulated via group policy? Here is the required change:

In IE, go to "Tools", then "Internet Options".
Click on the "Security" tab.
Click on "Local intranet", then click "Sites".
Click "Advanced".
Add the following in the first text box: "https://servername", then click "Add".
Click "OK" until the windows close.

Thanks in advance, y'all!
J
0
Comment
Question by:zeroiq01
2 Comments
 

Accepted Solution

by:
sutherlandandrew earned 317 total points
ID: 17901109
You betcha.

from MS:

MACHINE      Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page Site to Zone Assignment List

Reg key: HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings!ListBox_Support_ZoneMapKey

req: at least Internet Explorer v6.0 in Windows XP Service Pack 2 or Windows Server 2003 Service Pack 1      

Description:
This policy setting allows you to manage a list of sites that you want to associate with a particular security zone. These zone numbers have associated security settings that apply to all of the sites in the zone.  Internet Explorer has 4 security zones, numbered 1-4, and these are used by this policy setting to associate sites to zones. They are: (1) Intranet zone, (2) Trusted Sites zone, (3) Internet zone, and (4) Restricted Sites zone. Security settings can be set for each of these zones through other policy settings, and their default settings are: Trusted Sites zone (Low template), Intranet zone (Medium-Low template), Internet zone (Medium template), and Restricted Sites zone (High template). (The Local Machine zone and its locked down equivalent have special security settings that protect your local computer.)  If you enable this policy setting, you can enter a list of sites and their related zone numbers. The association of a site with a zone will ensure that the security settings for the specified zone are applied to the site.  For each entry that you add to the list, enter the following information:  Valuename – A host for an intranet site, or a fully qualified domain name for other sites. The valuename may also include a specific protocol. For example, if you enter http://www.contoso.com as the valuename, other protocols are not affected. If you enter just www.contoso.com, then all protocols are affected for that site, including http, https, ftp, and so on. The site may also be expressed as an IP address (e.g., 127.0.0.1) or range (e.g., 127.0.0.1-10). To avoid creating conflicting policies, do not include additional characters after the domain such as trailing slashes or URL path. For example, policy settings for www.contoso.com and www.contoso.com/mail would be treated as the same policy setting by Internet Explorer, and would therefore be in conflict.  Value - A number indicating the zone with which this site should be associated for security settings. The Internet Explorer zones described above are 1-4.  If you disable this policy setting, any such list is deleted and no site-to-zone assignments are permitted.  If this policy is not configured, users may choose their own site-to-zone assignments.

That should be a little easier than manually applying to 80 pcs :)

Andrew
0
 

Expert Comment

by:jodiemr
ID: 25129308
Anybody getting the Event ID 1085 once this is set?
Event Type:	Error

Event Source:	Userenv

Event Category:	None

Event ID:	1085

Date:		19/08/2009

Time:		12:13:17 pm

User:		NT AUTHORITY\SYSTEM

Computer:	M5010253

Description:

The Group Policy client-side extension Internet Explorer Zonemapping failed to execute. Please look for any errors reported earlier by that extension.
 

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Open in new window

0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Step by step guide to Clean and Sort your windows registry! Introduction: Always remember: A Clean registry = Better performance = Save your invaluable time In this article we're going to clear our registry manually! Yes, manually! The e…
Sometimes people don't understand why download speed shows differently for Windows than Linux.Specially, this article covers and shows the solution for throughput difference for Windows than a Linux machine. For this, I arranged a test scenario.I…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now