reg add syntax for adding site to local intranet in internet options

alyas404
alyas404 used Ask the Experts™
on
I'm wanting to remove the open file security warning on my network.
I can do this by adding the local domain to local intranet via 'internet options>security' on the local machine.
I can also manually add the registry key as described in this post:
http://www.experts-exchange.com/Software/Internet_Email/Web_Browsers/Internet_Explorer/Q_24084138.html
I want to create a batch script to do what is described in this article but am having trouble with the syntax.
Could anyone tell me the exact syntax to add the registry key as described in this article?
I don't want any other methods of resolving the original issue this is the method I need to stick to for a multitude of reasons, I just need syntax.
If posted I will comment on the original article for anyone else that may also struggle.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2018
Distinguished Expert 2018

Commented:
Try the script below; it's using variables to make it a bit easier to understand and configure:
@echo off
REM *** Domain or host name:
set Domain=some.domain.local
REM *** protocol type to define: *, http, https, ftp:
set protocol=*
REM *** Zone: 1=Intranet, 2=Trusted, 3=Internet, 4=Restricted
set zone=1
reg add "HKCU\software\microsoft\windows\current version\internet settings\zonemap\domains\%Domain%" /v "%Protocol%"  /t REG_DWORD /d %Zone% /f

Open in new window

Author

Commented:
Could you please explain what each line is doing?
Most Valuable Expert 2018
Distinguished Expert 2018

Commented:
"@echo off" suppresses the echoing of all the lines in the batch as they're processed.
Lines starting with REM are remarks; they don't do anything except explaining.
The lines starting with "set" set environment variables to the values defined. To access these values, you need to enclose the variable name in percent signs:

set var=Hello World.
echo Value of var: %var%

The reg command is the line that does the job.

Nice scripting resource: http://www.robvanderwoude.com/
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
operation completes successfully can seereg key added etc but then run the batch script again and still get error warning.
What should the settings be in the example below:
On my computer I navigate to a share within my domain.local.
From there I run a .bat file, when I run it I get open file security warning.
I'm guessing it just a case of the wront protocol
Most Valuable Expert 2018
Distinguished Expert 2018

Commented:
Check the "Launching applications and unsafe files" option in the security settings of the Local Intranet zone and make sure that this is set to "Allow".

Author

Commented:
Sorry, I'm looking for a way to do this remotely so ticking boxes etc is not what I am after.
If anyone can help with the original question I would be very grateful
Most Valuable Expert 2018
Distinguished Expert 2018
Commented:
That setting can be distributed with a GPO, but you obviously first need to find out which settings are causing the warning before you can implement a change preventing it.
Commented:
I realise I could do this as a GPO but there is a complex change management procedure setup which does not cover scripting with psexec etc and I was in a rush to get this done.
background story access to changes to login script GPO servers etc is difficult without following this convoluted process (which I have since negotiated a much more simplified structure which gives me a  lot more control).
I setup psexec to copy a shortcut to a script to the startup folder of every PC via scheduled tasks, that way I could make changes to just one script and everytime the startup folder was called on login the script would run.
However the PCs were getting the open file security warning and I wanted it to be seamless so knowone would know how I was getting around the process.
anyway, I manually added our domain to local on every machine as the users so the popups stopped and then negotiated a way to gain access to the tools I needed to do the job I had been hired for

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial