Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IE add trusted site script? 1

Status
Not open for further replies.
jemminger

jemminger

Programmer
Jun 25, 2001
3,453
0
0
US
hi all,

does anyone know of a way to add a "Trusted Site" to Internet Explorer via script, such as wscript or dos? this would be placed in a login script for users on our network domain for our intranet.

thanks


=========================================================
-jeff
try { succeed(); } catch(E) { tryAgain(); } finally { rtfm(); }
 
Sort by date Sort by votes
. Configure Trusted Sites with all the entries you wish.

. Start, Run, regedit and export this key:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\

Name the exported file TrustedSites.reg

. In the logon script add the line:
regedit /s TrustedSites.reg

Why this works: Adding Sites with a Registry Merge

Web sites can be added to the Intranet or Trusted sites zone by directly modifying the registry. The key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains contains the zone mappings under the enhanced security configuration. Each registry key that is below this key in the registry hierarchy is a Web site domain. Each of these keys has values which indicate the allowed protocol and the zone to which that protocol belongs for the domain. A value of 0x001 indicates the Intranet zone and a value of 0x002 indicates the Trusted sites zone.

The following sample shows the entries in a .reg file that are used to add the URL " to the Trusted sites zone.

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com]
@=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com\www.msdn]
"http"=dword:00000002

Source:
 
Upvote 0 Downvote
ok, so i've exported
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]

and modified one entry to represent the site i want to add:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mysite.com]
"*"=dword:00000002

this should add *.mysite.com as a trusted site, since it is similar to how *.microsoft.com was listed.

yet when i save this as "TrustedSites.reg" and run it as
regedit /s TrustedSites.reg

nothing happens...i've done it many times, refreshed the regedit window, made sure IE was closed etc...nothing.

any ideas?

=========================================================
-jeff
try { succeed(); } catch(E) { tryAgain(); } finally { rtfm(); }
 
Upvote 0 Downvote
1. You exported the wrong key. Please see my notes above again.

2. Entries of a trusted site require two entries. For the Microsoft example:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com]
@=""

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoft.com\www.msdn]
"http"=dword:00000002

3. Rather than edit registry entries directly, use Internet Options, Security, Trusted Zones to make all the entries. Then from this test workstation export the registry key.

 
Upvote 0 Downvote
hi bcastner,

1. i don't have the key "EscDomains"...all my current entries that were added via IE are in "Domains"

2. tried this too, before and after manually creating the key "EscDomains"

3. every entry i add ends up in "Domains", not "EscDomains"



=========================================================
-jeff
try { succeed(); } catch(E) { tryAgain(); } finally { rtfm(); }
 
Upvote 0 Downvote
solved...just had to add

Windows Registry Editor Version 5.00

to the top of the .reg file

thanks for your help!



=========================================================
-jeff
try { succeed(); } catch(E) { tryAgain(); } finally { rtfm(); }
 
Upvote 0 Downvote
Hey, I thought I told you to use Regedit and export that key! It would have added REGEDIT4 to the file.

This is a better URL than I gave earlier to the steps invovled:

******** example adds, registry merge. Note different entries depending on URL:

; to add URL so that it checks: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\bcastner.com]
"https"=dword:00000002

; to add URL so that it checks: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\www.bcastner.com]
"https"=dword:00000002
 
Upvote 0 Downvote
I was following through this - only to get hung up at the "jemminger (Programmer)13 Oct 04 12:42. I don't have the "EscDomains" either, all my trusted sites are in "Domains". I see that this same question was asked - but wasn't answered!? Even in the final "13 Oct 04 13:17" post, "EscDomains" isn't referenced - both reg keys use "Domains". What did I miss? Am I supposed to be putting the trusted sites in Domains or EscDomains?
 
Upvote 0 Downvote
SP2 installs seem to have problems with the registry level involved.

I am trying to track this down, but did you carefully make the edit suggested by Forum member jemminger above?

Upper and lower case and spacing are important here.
 
Upvote 0 Downvote
Bill,

You got me all excited then, looking through this post I saw and thought you had decided to put your ramblings down in a blog, or the like.

Imagine my dismay when I realised that you are advertising some dodgy back street real estate business. [bigsmile]

Greg Palmer
Freeware Utilities for Windows Administrators.
 
Upvote 0 Downvote
Oh my god.

No, that is not me, although I have no idea if the real estate offerings are as you describe, "some dodgy back street real estate business", as it seems legitimate albeit a better ad copy editor is advised on my part.

There are several Bill Castner's on the Web, including a golf pro someone accused me of being last month. That is not me either, although I have corresponded with him briefly and he seems a terrificly nice guy. Or informal deal is he will not offer Windows tips, and I will not offer golf tips. We have, like the civialized gentleman we are, have lived with this agreement in peace for several years.

Best wishes, you goof,
April Fools's Day in the US was several days ago.
Bill

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

DTGMI
  • Locked
  • Question
WIN 10 Pro PC & Adding back to our Network
Replies
1
Views
102
pjw001
pjw001
keithinoz
  • Locked
  • Question
add ip address to quick access 2
Replies
4
Views
166
keithinoz
keithinoz
iNotes4You
  • Locked
  • Question
Microsoft IExpress 'Extract-To'-Option
Replies
2
Views
180
iNotes4You
iNotes4You
DrB0b
  • Locked
  • Question
Windows CE 6.5 Browser that isnt IE
Replies
1
Views
66
xwb
xwb
DrB0b
  • Locked
  • Question
Possibly malware/script but not sure what or how
Replies
7
Views
65
Edward Cramer
Edward Cramer

Part and Inventory Search

Sponsor

Back
Top