Set Trusted Local Intranet Zone - Trusted Sites - Group Policy + IE8 ADM - Blog - Networks | Email | Mobile | Websites | Online Marketing - Vancouver, Canada

Wednesday

Jul152009

Set Trusted Local Intranet Zone - Trusted Sites - Group Policy + IE8 ADM

Wednesday, July 15, 2009 at 4:40PM

Getting the latest inetres.adm (IE8 ADM) setup on your domain controller/GPO:

First thing to do is install IE8 on the server.

Then locate the inetres.adm probably in the %WINDIR%\inf\ folder.

Edit your GPO for Internet Explorer settings (or create a fresh one if you don't already have one).

Expand Local Computer Policy, expand Computer Configuration

Right click on Administrative Templates. If you see Inetres template on this list, click Remove, and then click Close

Right click on Administrative Templates and click on Add/Remove Templates. Click Add and locate inetres.adm in %WINDIR%\inf\ and click Open to add it again.

Getting rid of the IE8 nag screens when signing into a new user profile - useful for Terminal Servers:

Computer Templates - Administrative Templates - Windows Components/Internet Explorer
Prevent performance of First Run Customize settings - Enabled (and go directly to homepage)

Setting up Trusted Zones for all your users on the network:

Edit your IE settings GPO (or create a new one) with the following -

Computer Configuration - Administrative Templates - Windows Components - Internet Explorer - Internet Control Panel - Security Page - Site to Zone Assignment List - Enabled

Then click the Show button - and add the appropriate Value Name and Value - eg: http://www.mysite.com with a value of 2 for Trusted Sites Zone, or 1 for Intranet Zone

NOTE: Users can not modify the list themselves, it is locked down via this GPO.

5 Comments |

tagged

ADM,

group policy,

ie8,

trusted local intranet zone,

trusted sites in

windows

View Printer Friendly Version

Reader Comments (5)

both suggestions are very useful. Thank you!

March 27, 2010 |

Daniel

Awesome!!! Just what I needed. thank you

September 7, 2010 |

Carlos M

Excellent. Just what we were looking for. Thx
Slight problem.. Partially works...
We run a Citrix environment .. The GP seemed to work for some users on some Citrix Servers, and not for other users. A particular user would see the Intranet zone on one server and not another. All servers Server 2003, All IE8, All same rev of Citrix. Other users may not see the Intranet Zone at all. All users part of default domain policy as Authenticated users.
Must be some other settign somewhere that is required for a TS environment?

November 4, 2010 |

Dave

question, after I have locked this down, how do I as an admin go into a users profile to manually add a specific site to one of hte users trusted sites?

September 15, 2011 |

justin

Administrative templates will work, however, if you want to prepopulate the list AND allow a user to add their own trusted sites, it will be grayed out using the above. As an alternative,
you need to set the trusted sites at the following location.

1. Open GPMC

2. Edit policy

3. User Configuration -> Policies -> Windows Settings -> Internet Explorer Maintenance

RT click on Security and choose "preference mode"
The go to -> security -> security zones and content ratings -> select - import the current security zomes and privacy settings -> modify settings -> security tab -> sites -> add sites to trusted sites
4. Apply this policy
Users will also be able to add sites to trusted sites after this and will also have the sites you added.

September 27, 2011 |

J. Farrell

Post a New Comment

Enter your information below to add a new comment.

My response is on my own website »

Author:

Author Email (optional):

Author URL (optional):

Post:

↓ | ↑

All HTML will be escaped. Hyperlinks will be created for URLs automatically.