site to zone assignment list registry

I applied a site to zone assignment list using GPO. I want to verify they are being applied. When I go to a domain machine I cant scroll down to see all the sites I added. I was thinking I could go to the registry here:


http://gpsearch.azurewebsites.net/#1493

But when I go there I dont see a list of sites. Anybody have a somewhere I can look to make sure the policy is being applied to the machines correctly?
Thomas NSystems Analyst - Windows System AdministratorAsked:
Who is Participating?
 
CoralonConnect With a Mentor Commented:
The best way to check is to run a gpresult /h <filenname>.htm on the machine with the user account that should be affected by the policy.  The resulting HTML file will show you the results of the various policies and which policy "won" each of the settings.   (Just be aware of where you set the policy -- machine level or user level; and if it is machine level, if you are using loopback processing).  

Another good way to check is to again, logon to the correct machine with the correct account, open up Internet Explorer, go to the site, and then go to Tools | Internet Options | Security, and the zone you are in will be the one highlighted.  

But there are 2 keys at each level you should be able to check for the said assignments:
Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\<domainname>
<protocol> = 0x<zone> REG_DWORD
Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\<domainname>
<protocol> = 0x<zone> REG_DWORD

Open in new window


Now.. protocol is the protocol handler you want specified, such as http, https, ftp, or even * (for all protocol handlers).
The zone number is one of 5 zones:
0 - this is the same as the local computer.. it is not visible graphically, but *is* available
1 - Local Intranet
2 - Trusted Sites
3 - Internet Zone
4 - Untrusted Sites

The domain name is specific to the name specified, and it can be wildcarded..
So, adding a domain as *.domain.tld will affect all connections going to any sub zone of domain.tld (tld meaning top level domain).  If you put in http://*.domain.tld then it will affect any subzone of tld using the http protocol, but https will remain unaffected, etc.

Coralon
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.