Solved

Adding site to local intranet security.

Posted on 2016-07-18
4
52 Views
Last Modified: 2016-07-19
I am trying the below to add a few sites to the local intranet of my IE browser in a GPO and apply it to an OU that contains a Windows 2012 RDS server.   After login as a user and run GPUpdate /force, I open up IE>internet options>local intranet>site>advanced, I do not see the sites I added in GPO.  If someone sees something missing, please advise.  Thanks...


Edit User Configuration/Polices/Windows settings/Internet Explorer Maintenance/Security
Double click Security Zones and Content Ratings
Chose Import the current security zones and privacy settings
Click Continue, then click Modify Settings.
In the Internet Properties windows chose Security tab, then click Local intranet, click Sites to add a few sites.
0
Comment
Question by:nav2567
  • 2
4 Comments
 
LVL 28

Expert Comment

by:Michael Pfister
ID: 41718991
Better use : User Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page

Enable the “Site to Zone Assignment List” and edit the list, see

https://blogs.msdn.microsoft.com/microsoft_press/2014/04/14/from-the-mvps-setting-internet-explorer-trusted-site-settings-via-group-policy-object-in-windows-server-2012-r2/
0
 

Author Comment

by:nav2567
ID: 41719184
Thanks.

Just tried User Configuration -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page-> Enable the “Site to Zone Assignment List” and add the site.  

I still do not see the added link being shown in IE>internet options>local intranet>site>advanced from the RDS server's IE option.
0
 
LVL 28

Accepted Solution

by:
Michael Pfister earned 500 total points
ID: 41719213
Are you able to run a RSOP (rsop.msc) on the RDS system as the user that should get the GPO applied?
Or use GPMC to run a remote RSOP and verifiy the GPO and its settings get applied.
0
 
LVL 42

Expert Comment

by:kevinhsieh
ID: 41719316
This is expected behavior.  If you want to apply user settings to a computer OU,  you need to enable group policy loopback processing.

http://kudratsapaev.blogspot.com/2009/07/loopback-processing-of-group-policy.html
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolve DNS query failed errors for Exchange
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question