(imported topic written by SystemAdmin)
Hello,
Is there a way to use Bigfix to add a trusted site to internet explorer?
(imported comment written by dgibson91)
You need to set a current user registry key.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\SERVERNAME
“*”=dword:00000002
Your action would look like :
regset “” “*”=dword:00000002
And your relevance might look like this:
(not exists key “SERVERNAME” of it or value “*” of key “SERVERNAME” of it != 2 ) of key “Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains” of key whose ((it = name of current user as lowercase OR it starts with name of current user as lowercase & “@”) of (it as string as lowercase) of value “Logon User Name” of key “Software\Microsoft\Windows\CurrentVersion\Explorer” of it) of key “HKEY_USERS” of registry
I haven’t tested this action, but we use a custom program to set the same key at logon and it is working fine. You will have set it as an open action that always reapplies, since it will need to run for any user that logs in.
(imported comment written by SystemAdmin)
Hello,
Thanks for the info. I manually added a site to the trusted sites and this matches the registry location you specified. I will test deploy the action and see what melts down. BTW what are all of the other sites that are contained within this key? Are these every site visited?
(imported comment written by SystemAdmin)
I was wondering since this adding the trusted site needs to apply to all user’s profiles if using the key HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains would be better?
(imported comment written by dgibson91)
I don’t think the .default key works that way. I think that whatever you put in this key would get copied to any new profiles created. So it may work if no one has ever logged in before. You can try it and see if it works. Also try putting it under HKEY_LOCAL_MACHINE, that may work too.
The other sites may be defined restricted sites or local intranet sites. * value =2 means trusted, 0 is local computer, 1 means local intranet, 3 is internet, and 4 is restricted. On a server with protected internet mode enabled, it asks you to add every site to trusted sites. Maybe that is what you are seeing.