mcburn13
asked on
Site to Zone Wildcard Syntax (Internet Explorer policy)
I am troubleshooting some Internet Explorer ZoneMapping event log errors, and it seems some (or more) of the many entries we have in our group policy are using the incorrect syntax. The MS article ( http://support.microsoft.c om/kb/1844 56 ) seems to be lacking some information, like
1) Is it ok to use a trailing slash for the URL?
2) " " wildcard (*) after the trailing slash?
3) Can we use port numbers in the syntax?
4) can you use a URL that has only a hostname with trailing wildcard (e.g. http://HOSTNAME* or *://HOSTNAME* ???)
5) can you specify a pagename? (e.g. http://sub.domain.com/vdir/page.asp ??)
The Event log doesn't show which ones are malformed so I am scratching my head a little and want to make sure I don't grind business to a halt by not-allowing some of these web apps to run as expected
1) Is it ok to use a trailing slash for the URL?
2) " " wildcard (*) after the trailing slash?
3) Can we use port numbers in the syntax?
4) can you use a URL that has only a hostname with trailing wildcard (e.g. http://HOSTNAME* or *://HOSTNAME* ???)
5) can you specify a pagename? (e.g. http://sub.domain.com/vdir/page.asp ??)
The Event log doesn't show which ones are malformed so I am scratching my head a little and want to make sure I don't grind business to a halt by not-allowing some of these web apps to run as expected
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Wild cards are not supported for ActiveXapproval list on IE7, don't use the Wild cards (*.) while adding site to ActiveXapproval list add the full site address
This is only for ActiveXapproval list for trusted site list you can use the Wild cards
http://www.windowstricks.in/2010/11/configuring-trusted-website-and-activex.html
This is only for ActiveXapproval list for trusted site list you can use the Wild cards
http://www.windowstricks.in/2010/11/configuring-trusted-website-and-activex.html
ASKER
we aren't doing an activexapproval list this is just a site to zone setting in our IE group policy. As the http://support.microsoft.com/kb/184456 documentation doesn't go into any detail it DOES allow for two wildcards at the beginning but I have read varying things on the trailing wildcards. Some say if you want to do a wildcard for a whole class b subnet you would do it like x.x.*.* and x.x.* doesn't work. Others say don't use a trailing / on the URL and don't use a wildcard on the end of it (with or without slash). why would someone just use *.domain.com instead of *://*.domain.com I don't see the benefit but maybe I'm missing something. Part of the reason I'm posting this is to get a few experts who absolutely know definitively on this (as we are just somewhat "guessing")- then this article can serve to help others in the future...
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
def don't mind accepting multiple solutions here but still wanted to give some more experts a chance to chime in on this- again in the hope that this helps others going through the same thing...
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
part of the reason I found myself through trial and error
ASKER
6) Using a wildcard on a subnet for IP like: http://10.0.2.* or https://10.3.*
Is there a way to get more granular logging to find out which ones are throwing the errors?