I am attempting to load some sites into the trusted sites on my domain via Group Policy. I have a windows 2008 domain with 1 W2K8 R2 domain controller and 3 W2K8 domain controllers. We are operating at a Windows Server 2008
function domain level.
In GP Mgmt Editor, I drill down to User Config|Policies|Windows Settings|IE Maintenance|Security|Security Zones and Content Ratings
Within Properties of Security Zones and Content Ratings, I have selected Import the current security zones and privacy settings
and then click modify settings.
I add the 8 sites I want (a mix of both http://
with the "Require https://
I wait for the policy to propagate and login to my test machine with a user that is within scope of the enabled GPO and do not see my additions. (IE Enhanced Security is disabled).
When I check the settings of the GPO in the GPM console, drilling down to:
User Configuration (Enabled) |Policies | Windows Settings | Internet Explorer Maintenance | Security/Security Zones and Content Ratings | Security Zones and Privacy | Trusted sites (Security Level: Medium)
I see the following settings (posted in code block at end), and my changes do not appear in "Sites in this zone".
Any clues, hints, or suggestions??
.NET Framework-reliant componentsRun components not signed with Authenticode Enable
Run components signed with Authenticode Enable
ActiveX controls and plug-insDownload signed ActiveX controls Prompt
Download unsigned ActiveX controls Disable
Initialize and script ActiveX controls not marked as safe Disable
Run ActiveX controls and plug-ins Enable
Script ActiveX controls marked safe for scripting Enable
DownloadsFile download Enable
Font download Enable
Microsoft VMJava permissions High safety
MiscellaneousAccess data sources across domains Disable
Allow META REFRESH Enable
Display mixed content Prompt
Don't prompt for client certificate selection when no certificates or only one certificate exists Disable
Drag and drop or copy and paste files Enable
Launching programs and files in an IFRAME Prompt
Navigate sub-frames across different domains Disable
Submit nonencrypted form data Enable
Userdata persistence Enable
ScriptingActive scripting Enable
Allow paste operations via script Prompt
Scripting of Java applets Enable
User AuthenticationLogon Automatic logon only in Intranet zone
SitesRequire server verification (https:) for all sites in this zone Disabled
Sites in this zone