I’m now in an environment where the end users don’t have access to any of the Tabs in Internet Options. So they can’t add their own Trusted Sites. Apparently this was never an problem until they needed to run software on a Bank’s Website.
I needed a way to manage their Trusted Sites for them and luckily Group Policy provides that way. In this case I edited the GPO that also denied their access to the Internet Options Tabs.
Once in the Group Policy Editor for the policy of choice:
- Browse to User Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/
- Enable the Site to Zone Assignment List
- Click Show
- Click Add to add a web site to the list
- Value Name = url (ie. https://somedomain.com)
- Value = # of zone assignment (Trusted Sites = 2)
This could be used to assign sites to any of the 4 zones.
- Intranet Zone
- Trusted Sites Zone
- Internet Zone
- Restricted Sites Zone.
I also set the Trusted Site Zone to the default Low setting. Which is done at
- User Configuration/Administrative Templates/Windows Components/Internet Explorer/Internet Control Panel/Security Page/
- Enable Trusted Sites Zone Template
- Pick Low on the Trusted Sites drop down.