none
GPO: IE 8 - Trusted Sites RRS feed

  • Question

  • Has anyone come across this before?

    I have a user-based GPO for IE settings. Specifically, I modified the: Policies | Administrative Templates | Windows Components | Internet Explorer | Internet Control Panel section and subsections.

    In the above GPO, for the Trusted Zone, I set "Display mixed content" to Enabled.

    I then added some sites into the Trusted Zone using the "Site to Zone Assignment List".  I tried the following combinations:

    I did a gpupdate /target:user /force and then logged off and logged on.  Unfortunately, I still get that annoying pop up asking if I want to view only the webpage content that was delivered securely.  I set the "Display mixed content" setting within the Trusted Sites Zone and then tried the Locked-Down Trusted Sites Zone but I keep getting that pop-up.

    STRANGELY, if I modify the "Display mixed content" setting within the Internet Zone, then it behaves nicely. I do not get that pop-up.

    It seems that that "Site to Zone Assignment List" is not being enforced properly. That is, the "test.com" is not being treated as a Trusted Zone.  When I view the Internet Options off the IE 8 client, I see that the site is there.  I also see the same within the registry.  GP Results wizard shows that everything is applied.  Has anyone seen this before?

    We are running Windows 2008 domain controllers, Windows 7 client workstations and IE 8.

    Thank you in advance.


    • Edited by Dave-LVP Tuesday, May 14, 2013 3:08 PM
    Tuesday, May 14, 2013 3:07 PM

Answers

  • I can't mark my own answer as complete, but I figured it out.

    We ran httpwatch (free version) and had the user browse to the specific site.  The app revealed that the user was pulling down a gif file from a different third party site via HTTP.  The site seemed innocuous enough so we added that other domain to our Trusted Site zone and everything worked fine after that.

    Note the gpupdate /target:user /force was done but things didn't work until the user closed out of all browser sessions and then went back to the URL.

    Tuesday, May 14, 2013 3:31 PM