Internet Explorer Enhanced Security and Group Poilicy
Posted on 2010-09-08
I’ve been trying (unsuccessfully) to distribute a set of local Intranet web-addresses over group policy to all XP SP3 clients in my domain. Basically the sites should be added locally to Internet Options, Security, Local Intranet, Sites, Advanced, Add.
I’ve achieved this (I believe) with the following instructions:
01. Log on as a member of the Domain Admins group.
02. Open the Active Directory Users and Computers MMC snap-in.
03. Right-click the domain or Organizational Unit where you want to create the GPO and press Properties.
04. Select the Group Policy tab.
05. Press New.
06. Type a name for the new GPO and press Enter.
07. To prevent the policy from being applied to some users or groups, press Properties. Select the Security tab. Add the user or group that you want to prevent from having this policy and clear the Read and the Apply Group Policy boxes in the Allow column. Press OK.
08. Press the Edit button.
09. Navigate through User Configuration / Windows Settings / Internet Explorer Maintenance / Security.
10. Right-click Security Zones and Content Ratings in the right-hand pane and press Properties.
11. Select Import the current security zones and privacy settings. If prompted, press Continue.
12. Press Modify Settings.
13. Select Trusted Sites and press the Sites button.
14. Type the full URL of the site you wish to add and press Add.
15. Press Close (or OK) and OK.
16. Press Close (or OK) until all dialog boxes are closed, and close any snap-in windows.
17. Allow sufficient time for the policy to propagate throughout the domain.
However I don’t see any change when I go into IE at the client end in terms of the listed address being added??
When I also made the group policy change I saw a message about Internet Explorer enhanced security Protection which I don’t understand in terms of the changes passing through to the XP client? I.e. Do I need to make a security change directly on the client PC to push these changes through?
Thanks for your comments to come.