antonsen.net

cannot set IE security zone sites via GPO

Posted on September 15th, 2009 by eivind
Posted in Technical | No Comments »

WARNING:

The solution to this problem requires you to edit the registry,
always make backup before implementing,
and if you do not know what you’re doing, don’t do it !

If you’re having problems setting IE security zone sites via GPO, this registry key may be the cause:
“HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains”

I’ve found that if anything is registered under this key, whatever you set in GPO will not be applied.

Solution: Delete the “Domains” key and all subkeys with the following vb script

On Error Resume Next

Const HKEY_CURRENT_USER = &H80000001

strComputer = “.”
strKeyPath = “Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains”

Set objRegistry = GetObject(“winmgmts:\\” & _
strComputer & “\root\default:StdRegProv”)

DeleteSubkeys HKEY_CURRENT_USER, strKeypath

Sub DeleteSubkeys(HKEY_CURRENT_USER, strKeyPath)
objRegistry.EnumKey HKEY_CURRENT_USER, strKeyPath, arrSubkeys

If IsArray(arrSubkeys) Then
For Each strSubkey In arrSubkeys
DeleteSubkeys HKEY_CURRENT_USER, strKeyPath & “\” & strSubkey
Next
End If

objRegistry.DeleteKey HKEY_CURRENT_USER, strKeyPath
End Sub

Thanks to The Microsoft Scripting Guys for example script

Tagged With: cannot set IE security zone sites via GPO

M	T	W	T	F	S	S
« Apr
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30

cannot set IE security zone sites via GPO

Leave a Reply

Categories

Tools

Archives

Blogroll

Links

Meta

Spam Blocked