I use DFS on my windows 2008 R2 network. I redirect people's My Documents folder to a domain-based DFS share. The share is \\Domain.local\share
When I redirect users in group policy to \\domain\share (without the .local) it works perfectly fine with no problems. However, if I change this in group policy to \\domain.local\share which is the actual name of the share, users get a warning when trying to open My Documents that says "This page has an unspecified potential security risk. Would you like to continue?"
I've done some research and found some references saying the "domain.local" needs to be added to trusted sites. But why? It is the name of the domain. The clients are members of the domain already. Why would it need to be added? My guess is that I have something else configured incorrectly somewhere with DNS or something like that.