| Author | Messages | |
AD000001365
Posts:0
 | | 09/27/2005 1:31 AM |
| Gentlemen
I need to come up with policy for IE
I believe. We have a Sharepoint portal running. When initially the
user goes their on a new drive the Digital Dashboard tries to install.
Currently with the security level that is set it wont install unless an admin
logs into the machine and goes to the website. My question is. If I
set the Portal web page as a trusted site which it is as its internal web
site. Would the Digital Dashboard install correctly with no further action
needed. Trusted sites security was not changed from its default
settings.
Jeff | | | |
| AD000001365
Posts:0
| | 09/28/2005 5:13 AM |
| At a lose here.. I setup a policy that added the trusted
sites but it doesnt appear this is doing anything as the trusted sites are not
being added. The IEAK communite group is of no help. Anyone had any
success modifying the trusted sites thru policy?
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff D.
Team EITCSent: Tuesday, September 27, 2005 9:31 AMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: [ActiveDir] Working on policy
for IE
Gentlemen
I need to come up with policy for IE
I believe. We have a Sharepoint portal running. When initially the
user goes their on a new drive the Digital Dashboard tries to install.
Currently with the security level that is set it wont install unless an admin
logs into the machine and goes to the website. My question is. If I
set the Portal web page as a trusted site which it is as its internal web
site. Would the Digital Dashboard install correctly with no further action
needed. Trusted sites security was not changed from its default
settings.
Jeff | | | |
| AD000001286
Posts:0
| | 09/28/2005 5:22 AM |
| One
thing I noticed in trusted sites GPO is that you should almost always uncheck
https sites only, otherwise any non https site added in there invalidates the
policy and it never applies, even though gpresult says it does apply. I
hope this helps. It does work fine for us.
Regards,
David
Chianese RHCE,
MCSE+I, CNE, CNA
-----Original Message-----From:
ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx]
On Behalf Of Cothern Jeff D. Team EITCSent: Wednesday,
September 28, 2005 1:12 PMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE: [ActiveDir] Working on
policy for IE
At a lose here.. I setup a policy that added the trusted
sites but it doesnt appear this is doing anything as the trusted sites are not
being added. The IEAK communite group is of no help. Anyone had
any success modifying the trusted sites thru policy?
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff
D. Team EITCSent: Tuesday, September 27, 2005 9:31 AMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: [ActiveDir] Working on policy
for IE
Gentlemen
I need to come up with policy for
IE I believe. We have a Sharepoint portal running. When initially
the user goes their on a new drive the Digital Dashboard tries to
install. Currently with the security level that is set it wont install
unless an admin logs into the machine and goes to the website. My
question is. If I set the Portal web page as a trusted site which it is
as its internal web site. Would the Digital Dashboard install correctly
with no further action needed. Trusted sites security was not
changed from its default settings.
Jeff | | | |
| AD000001365
Posts:0
| | 09/28/2005 5:38 AM |
| I verified in the policy that the box is NOT
checked. Perhaps I am not doing something correctly. So I will
go thru the steps I did.
Created a new policy. Went under IE
maintenance. THen Security. Double clicked on Security
Zones and Content Rating.
Checked import current settings then clicked on modify
settings. Once in modify settings I went to Trusted Sites \
settings and unchecked the Require Server verification. I then
entered *.domain.com and clicked Add. Then hit OK out to the policy.
Closed that and had it apply to the machine.
Logged into machine. GPupdate \force then rebooted
machine. Logged in as standard user. No
change.
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE,
DAVIDSent: Wednesday, September 28, 2005 1:21 PMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE: [ActiveDir] Working on
policy for IE
One
thing I noticed in trusted sites GPO is that you should almost always uncheck
https sites only, otherwise any non https site added in there invalidates the
policy and it never applies, even though gpresult says it does apply. I
hope this helps. It does work fine for us.
Regards,
David
Chianese RHCE,
MCSE+I, CNE, CNA
-----Original Message-----From:
ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx]
On Behalf Of Cothern Jeff D. Team EITCSent: Wednesday,
September 28, 2005 1:12 PMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE: [ActiveDir] Working on
policy for IE
At a lose here.. I setup a policy that added the trusted
sites but it doesnt appear this is doing anything as the trusted sites are not
being added. The IEAK communite group is of no help. Anyone had
any success modifying the trusted sites thru policy?
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff
D. Team EITCSent: Tuesday, September 27, 2005 9:31 AMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: [ActiveDir] Working on policy
for IE
Gentlemen
I need to come up with policy for
IE I believe. We have a Sharepoint portal running. When initially
the user goes their on a new drive the Digital Dashboard tries to
install. Currently with the security level that is set it wont install
unless an admin logs into the machine and goes to the website. My
question is. If I set the Portal web page as a trusted site which it is
as its internal web site. Would the Digital Dashboard install correctly
with no further action needed. Trusted sites security was not
changed from its default settings.
Jeff | | | |
| AD000001286
Posts:0
| | 09/28/2005 6:07 AM |
| What
does gpresult say? Is it applying the policy?
David
Chianese
-----Original Message-----From:
ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx]
On Behalf Of Cothern Jeff D. Team EITCSent: Wednesday,
September 28, 2005 1:37 PMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE: [ActiveDir] Working on
policy for IE
I verified in the policy that the box is NOT
checked. Perhaps I am not doing something correctly. So I will
go thru the steps I did.
Created a new policy. Went under IE
maintenance. THen Security. Double clicked on Security
Zones and Content Rating.
Checked import current settings then clicked on modify
settings. Once in modify settings I went to Trusted Sites \
settings and unchecked the Require Server verification. I then
entered *.domain.com and clicked Add. Then hit OK out to the policy.
Closed that and had it apply to the machine.
Logged into machine. GPupdate \force then rebooted
machine. Logged in as standard user. No
change.
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE,
DAVIDSent: Wednesday, September 28, 2005 1:21 PMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE: [ActiveDir] Working on
policy for IE
One
thing I noticed in trusted sites GPO is that you should almost always uncheck
https sites only, otherwise any non https site added in there invalidates the
policy and it never applies, even though gpresult says it does apply. I
hope this helps. It does work fine for us.
Regards,
David
Chianese RHCE,
MCSE+I, CNE, CNA
-----Original
Message-----From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff
D. Team EITCSent: Wednesday, September 28, 2005 1:12
PMTo: ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE:
[ActiveDir] Working on policy for IE
At a lose here.. I setup a policy that added the
trusted sites but it doesnt appear this is doing anything as the trusted
sites are not being added. The IEAK communite group is of no
help. Anyone had any success modifying the trusted sites thru
policy?
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff
D. Team EITCSent: Tuesday, September 27, 2005 9:31
AMTo: ActiveDir@xxxxxxxxxxxxxxxxxxSubject: [ActiveDir]
Working on policy for IE
Gentlemen
I need to come up with policy
for IE I believe. We have a Sharepoint portal running. When
initially the user goes their on a new drive the Digital Dashboard tries to
install. Currently with the security level that is set it wont install
unless an admin logs into the machine and goes to the website. My
question is. If I set the Portal web page as a trusted site which it
is as its internal web site. Would the Digital Dashboard install
correctly with no further action needed. Trusted sites security
was not changed from its default settings.
Jeff | | | |
| AD000001365
Posts:0
| | 09/28/2005 7:00 AM |
| Yes it says it is applied but when I go in and look it says
no sites when I am looking under trusted sites.
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE,
DAVIDSent: Wednesday, September 28, 2005 2:06 PMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE: [ActiveDir] Working on
policy for IE
What
does gpresult say? Is it applying the policy?
David
Chianese
-----Original Message-----From:
ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx]
On Behalf Of Cothern Jeff D. Team EITCSent: Wednesday,
September 28, 2005 1:37 PMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE: [ActiveDir] Working on
policy for IE
I verified in the policy that the box is NOT
checked. Perhaps I am not doing something correctly. So I will
go thru the steps I did.
Created a new policy. Went under IE
maintenance. THen Security. Double clicked on Security
Zones and Content Rating.
Checked import current settings then clicked on modify
settings. Once in modify settings I went to Trusted Sites \
settings and unchecked the Require Server verification. I then
entered *.domain.com and clicked Add. Then hit OK out to the policy.
Closed that and had it apply to the machine.
Logged into machine. GPupdate \force then rebooted
machine. Logged in as standard user. No
change.
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE,
DAVIDSent: Wednesday, September 28, 2005 1:21 PMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE: [ActiveDir] Working on
policy for IE
One
thing I noticed in trusted sites GPO is that you should almost always uncheck
https sites only, otherwise any non https site added in there invalidates the
policy and it never applies, even though gpresult says it does apply. I
hope this helps. It does work fine for us.
Regards,
David
Chianese RHCE,
MCSE+I, CNE, CNA
-----Original
Message-----From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff
D. Team EITCSent: Wednesday, September 28, 2005 1:12
PMTo: ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE:
[ActiveDir] Working on policy for IE
At a lose here.. I setup a policy that added the
trusted sites but it doesnt appear this is doing anything as the trusted
sites are not being added. The IEAK communite group is of no
help. Anyone had any success modifying the trusted sites thru
policy?
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff
D. Team EITCSent: Tuesday, September 27, 2005 9:31
AMTo: ActiveDir@xxxxxxxxxxxxxxxxxxSubject: [ActiveDir]
Working on policy for IE
Gentlemen
I need to come up with policy
for IE I believe. We have a Sharepoint portal running. When
initially the user goes their on a new drive the Digital Dashboard tries to
install. Currently with the security level that is set it wont install
unless an admin logs into the machine and goes to the website. My
question is. If I set the Portal web page as a trusted site which it
is as its internal web site. Would the Digital Dashboard install
correctly with no further action needed. Trusted sites security
was not changed from its default settings.
Jeff | | | |
| jpsalemi
Posts:0
| | 09/28/2005 7:10 AM |
| Hi Jeff...
Might I suggest putting the sites you wish to be in the trusted sites on
your Internet Options on your administrative machine, then open the policy,
and tell it to import. It works fine here doing it that way.
John
"Cothern Jeff D.
Team EITC"
Sent by: cc
ActiveDir-owner@m
ail.activedir.org Subject
RE: [ActiveDir] Working on policy
for IE
09/28/2005 01:56
PM
Please respond to
ActiveDir@xxxxxxx
tivedir.org
Yes it says it is applied but when I go in and look it says no sites when I
am looking under trusted sites.
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE, DAVID
Sent: Wednesday, September 28, 2005 2:06 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
What does gpresult say? Is it applying the policy?
David Chianese
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff D.
Team EITC
Sent: Wednesday, September 28, 2005 1:37 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
I verified in the policy that the box is NOT checked. Perhaps I am
not doing something correctly. So I will go thru the steps I did.
Created a new policy. Went under IE maintenance. THen Security.
Double clicked on Security Zones and Content Rating.
Checked import current settings then clicked on modify settings.
Once in modify settings I went to Trusted Sites \ settings and
unchecked the Require Server verification. I then entered
*.domain.com and clicked Add. Then hit OK out to the policy. Closed
that and had it apply to the machine.
Logged into machine. GPupdate \force then rebooted machine. Logged
in as standard user. No change.
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE,
DAVID
Sent: Wednesday, September 28, 2005 1:21 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
One thing I noticed in trusted sites GPO is that you should almost
always uncheck https sites only, otherwise any non https site added
in there invalidates the policy and it never applies, even though
gpresult says it does apply. I hope this helps. It does work fine
for us.
Regards,
David Chianese RHCE, MCSE+I, CNE, CNA
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff
D. Team EITC
Sent: Wednesday, September 28, 2005 1:12 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
At a lose here.. I setup a policy that added the trusted sites
but it doesnt appear this is doing anything as the trusted
sites are not being added. The IEAK communite group is of no
help. Anyone had any success modifying the trusted sites thru
policy?
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of
Cothern Jeff D. Team EITC
Sent: Tuesday, September 27, 2005 9:31 AM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: [ActiveDir] Working on policy for IE
Gentlemen
I need to come up with policy for IE I believe. We have a
Sharepoint portal running. When initially the user goes their
on a new drive the Digital Dashboard tries to install.
Currently with the security level that is set it wont install
unless an admin logs into the machine and goes to the website.
My question is. If I set the Portal web page as a trusted site
which it is as its internal web site. Would the Digital
Dashboard install correctly with no further action needed.
Trusted sites security was not changed from its default
settings.
Jeff
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ | | | |
| AD00000777
Posts:0
| | 09/28/2005 8:59 AM |
| Jeff,
You could try looking at BrndLog.TXT under C:\Documents and
Settings\xxxxxx\Application Data\Microsoft\Internet Explorer (xxxxx is the
username)
It gives a detailed log of the IE processing and might give you a hint of
what is happening.
Alan Cuthbertson
Policy Management Software:-
http://www.sysprosoft.com/index.php?ref=activedir&f=pol_summary.shtml
ADM Template Editor:-
http://www.sysprosoft.com/index.php?ref=activedir&f=adm_summary.shtml
Policy Log Reporter(Free)
http://www.sysprosoft.com/index.php?ref=activedir&f=policyreporter.shtml
----- Original Message -----
From:
To:
Sent: Thursday, September 29, 2005 5:07 AM
Subject: RE: [ActiveDir] Working on policy for IE
Hi Jeff...
Might I suggest putting the sites you wish to be in the trusted sites on
your Internet Options on your administrative machine, then open the
policy,
and tell it to import. It works fine here doing it that way.
John
"Cothern Jeff D.
Team EITC"
Sent by: cc
ActiveDir-owner@m
ail.activedir.org Subject
RE: [ActiveDir] Working on policy
for IE
09/28/2005 01:56
PM
Please respond to
ActiveDir@xxxxxxx
tivedir.org
Yes it says it is applied but when I go in and look it says no sites when
I
am looking under trusted sites.
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE, DAVID
Sent: Wednesday, September 28, 2005 2:06 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
What does gpresult say? Is it applying the policy?
David Chianese
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff D.
Team EITC
Sent: Wednesday, September 28, 2005 1:37 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
I verified in the policy that the box is NOT checked. Perhaps I am
not doing something correctly. So I will go thru the steps I did.
Created a new policy. Went under IE maintenance. THen Security.
Double clicked on Security Zones and Content Rating.
Checked import current settings then clicked on modify settings.
Once in modify settings I went to Trusted Sites \ settings and
unchecked the Require Server verification. I then entered
*.domain.com and clicked Add. Then hit OK out to the policy. Closed
that and had it apply to the machine.
Logged into machine. GPupdate \force then rebooted machine. Logged
in as standard user. No change.
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE,
DAVID
Sent: Wednesday, September 28, 2005 1:21 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
One thing I noticed in trusted sites GPO is that you should almost
always uncheck https sites only, otherwise any non https site added
in there invalidates the policy and it never applies, even though
gpresult says it does apply. I hope this helps. It does work fine
for us.
Regards,
David Chianese RHCE, MCSE+I, CNE, CNA
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff
D. Team EITC
Sent: Wednesday, September 28, 2005 1:12 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
At a lose here.. I setup a policy that added the trusted sites
but it doesnt appear this is doing anything as the trusted
sites are not being added. The IEAK communite group is of no
help. Anyone had any success modifying the trusted sites thru
policy?
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of
Cothern Jeff D. Team EITC
Sent: Tuesday, September 27, 2005 9:31 AM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: [ActiveDir] Working on policy for IE
Gentlemen
I need to come up with policy for IE I believe. We have a
Sharepoint portal running. When initially the user goes their
on a new drive the Digital Dashboard tries to install.
Currently with the security level that is set it wont install
unless an admin logs into the machine and goes to the website.
My question is. If I set the Portal web page as a trusted site
which it is as its internal web site. Would the Digital
Dashboard install correctly with no further action needed.
Trusted sites security was not changed from its default
settings.
Jeff
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ | | | |
| mark.parris@xxxx.yyy
| | 09/28/2005 9:04 AM |
| Do you have folder redirection enabled?
-----Original Message-----
From: "Cothern Jeff D. Team EITC"
Date: Wed, 28 Sep 2005 14:56:54
To:
Subject: RE: [ActiveDir] Working on policy for IE
Yes it says it is applied but when I go in and look it says no sites when I am looking under trusted sites.
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE, DAVID
Sent: Wednesday, September 28, 2005 2:06 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
What does gpresult say? Is it applying the policy?
David Chianese
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff D. Team EITC
Sent: Wednesday, September 28, 2005 1:37 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
I verified in the policy that the box is NOT checked. Perhaps I am not doing something correctly. So I will go thru the steps I did.
Created a new policy. Went under IE maintenance. THen Security. Double clicked on Security Zones and Content Rating.
Checked import current settings then clicked on modify settings. Once in modify settings I went to Trusted Sites \ settings and unchecked the Require Server verification. I then entered *.domain.com and clicked Add. Then hit OK out to the policy. Closed that and had it apply to the machine.
Logged into machine. GPupdate \force then rebooted machine. Logged in as standard user. No change.
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE, DAVID
Sent: Wednesday, September 28, 2005 1:21 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
One thing I noticed in trusted sites GPO is that you should almost always uncheck https sites only, otherwise any non https site added in there invalidates the policy and it never applies, even though gpresult says it does apply. I hope this helps. It does work fine for us.
Regards,
David Chianese RHCE, MCSE+I, CNE, CNA
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff D. Team EITC
Sent: Wednesday, September 28, 2005 1:12 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
At a lose here.. I setup a policy that added the trusted sites but it doesnt appear this is doing anything as the trusted sites are not being added. The IEAK communite group is of no help. Anyone had any success modifying the trusted sites thru policy?
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff D. Team EITC
Sent: Tuesday, September 27, 2005 9:31 AM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: [ActiveDir] Working on policy for IE
Gentlemen
I need to come up with policy for IE I believe. We have a Sharepoint portal running. When initially the user goes their on a new drive the Digital Dashboard tries to install. Currently with the security level that is set it wont install unless an admin logs into the machine and goes to the website. My question is. If I set the Portal web page as a trusted site which it is as its internal web site. Would the Digital Dashboard install correctly with no further action needed. Trusted sites security was not changed from its default settings.
Jeff
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ | | | |
| kwilhelm@xxxx.yyy
| | 09/28/2005 10:22 AM |
| ________________________________
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx on behalf of Cothern Jeff D. Team EITC
Sent: Thu 29/09/2005 3:37 AM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
I verified in the policy that the box is NOT checked. Perhaps I am not doing something correctly. So I will go thru the steps I did.
Created a new policy. Went under IE maintenance. THen Security. Double clicked on Security Zones and Content Rating.
Checked import current settings then clicked on modify settings. Once in modify settings I went to Trusted Sites \ settings and unchecked the Require Server verification. I then entered *.domain.com and clicked Add. Then hit OK out to the policy. Closed that and had it apply to the machine.
Logged into machine. GPupdate \force then rebooted machine. Logged in as standard user. No change.
Jeff
________________________________
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE, DAVID
Sent: Wednesday, September 28, 2005 1:21 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
One thing I noticed in trusted sites GPO is that you should almost always uncheck https sites only, otherwise any non https site added in there invalidates the policy and it never applies, even though gpresult says it does apply. I hope this helps. It does work fine for us.
Regards,
David Chianese RHCE, MCSE+I, CNE, CNA
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff D. Team EITC
Sent: Wednesday, September 28, 2005 1:12 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working on policy for IE
At a lose here.. I setup a policy that added the trusted sites but it doesnt appear this is doing anything as the trusted sites are not being added. The IEAK communite group is of no help. Anyone had any success modifying the trusted sites thru policy?
Jeff
________________________________
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff D. Team EITC
Sent: Tuesday, September 27, 2005 9:31 AM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: [ActiveDir] Working on policy for IE
Gentlemen
I need to come up with policy for IE I believe. We have a Sharepoint portal running. When initially the user goes their on a new drive the Digital Dashboard tries to install. Currently with the security level that is set it wont install unless an admin logs into the machine and goes to the website. My question is. If I set the Portal web page as a trusted site which it is as its internal web site. Would the Digital Dashboard install correctly with no further action needed. Trusted sites security was not changed from its default settings.
Jeff
Confidentiality:
The contents contain privileged and/or confidential information intended for the named recipient of this email.
CVGT does not warrant that the contents of any electronically transmitted information will remain confidential.
If the reader of this email is not the intended recipient you are hereby notified that any use, reproduction, disclosure or distribution of the information contained in the email is prohibited.
If you receive this email in error, please reply to us immediately and delete the document.
Viruses:
It is the recipient/client's duties to virus scan and otherwise test the information provided before loading onto any computer system.
No warranty is made that this material is free from computer virus or any other defect or error.
Any loss/damage incurred by using this material is not the sender's responsibility. CVGT?s entire liability will be limited to resupplying the material.
Please contact us at www.cvgt.com.au for further information regarding this disclaimer
> | | | |
| AD000001365
Posts:0
| | 09/29/2005 12:09 PM |
| I am Defining the policy on an XP machine. The Domain Controllers are 2003.
The Workstations I am trying to affect are
XP.
From: Katrin Wilhelm
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Katrin
WilhelmSent: Wednesday, September 28, 2005 6:22 PMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE: [ActiveDir] Working on
policy for IE
Hi Jeff,
what server is it on which you are defining
the policy? server 2000 or 2003?
Cheers,
Kat
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx on
behalf of Cothern Jeff D. Team EITCSent: Thu 29/09/2005 3:37
AMTo: ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE: [ActiveDir]
Working on policy for IE
I verified in the policy that the box is NOT
checked. Perhaps I am not doing something correctly. So I will
go thru the steps I did.
Created a new policy. Went under IE
maintenance. THen Security. Double clicked on Security
Zones and Content Rating.
Checked import current settings then clicked on modify
settings. Once in modify settings I went to Trusted Sites \
settings and unchecked the Require Server verification. I then
entered *.domain.com and clicked Add. Then hit OK out to the policy.
Closed that and had it apply to the machine.
Logged into machine. GPupdate \force then rebooted
machine. Logged in as standard user. No
change.
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE,
DAVIDSent: Wednesday, September 28, 2005 1:21 PMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE: [ActiveDir] Working on
policy for IE
One
thing I noticed in trusted sites GPO is that you should almost always uncheck
https sites only, otherwise any non https site added in there invalidates the
policy and it never applies, even though gpresult says it does apply. I
hope this helps. It does work fine for us.
Regards,
David
Chianese RHCE,
MCSE+I, CNE, CNA
-----Original Message-----From:
ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx]
On Behalf Of Cothern Jeff D. Team EITCSent: Wednesday,
September 28, 2005 1:12 PMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: RE: [ActiveDir] Working on
policy for IE
At a lose here.. I setup a policy that added the trusted
sites but it doesnt appear this is doing anything as the trusted sites are not
being added. The IEAK communite group is of no help. Anyone had
any success modifying the trusted sites thru policy?
Jeff
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff
D. Team EITCSent: Tuesday, September 27, 2005 9:31 AMTo:
ActiveDir@xxxxxxxxxxxxxxxxxxSubject: [ActiveDir] Working on policy
for IE
Gentlemen
I need to come up with policy for
IE I believe. We have a Sharepoint portal running. When initially
the user goes their on a new drive the Digital Dashboard tries to
install. Currently with the security level that is set it wont install
unless an admin logs into the machine and goes to the website. My
question is. If I set the Portal web page as a trusted site which it is
as its internal web site. Would the Digital Dashboard install correctly
with no further action needed. Trusted sites security was not
changed from its default settings.
Jeff
;Confidentiality:
The contents contain privileged and/or confidential information
intended for the named recipient of this email.
CVGT does not warrant that the contents of any electronically
transmitted information will remain confidential.
If the reader of this email is not the intended recipient you
are hereby notified that any use, reproduction, disclosure or distribution of
the information contained in the email is prohibited.
If you receive this email in error, please reply to us
immediately and delete the document.
Viruses:
It is the recipient/client's duties to virus scan and otherwise
test the information provided before loading onto any computer
system.
No warranty is made that this material is free from computer
virus or any other defect or error.
Any loss/damage incurred by using this material is not the
sender's responsibility. CVGT™s entire liability will be limited to resupplying
the material.
Please contact us at www.cvgt.com.au http://www.cvgt.com.au>
for further information regarding this
disclaimer. | | | |
| AD000001365
Posts:0
| | 09/29/2005 12:29 PM |
| Ok I have looked there and in the custom settings directory. There are
two files in the custom settings directory other then the install.ins
there is seczones.ini and seczrsop.ini. Now the sites I want added to
the trusted sites are not in the seczones.ini but they are in the
seczrsop.ini. Would deleteing the Custom settings subfolders help out
any?
Jeff
-----Original Message-----
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of SysPro Support
Sent: Wednesday, September 28, 2005 4:57 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: Re: [ActiveDir] Working on policy for IE
Jeff,
You could try looking at BrndLog.TXT under C:\Documents and
Settings\xxxxxx\Application Data\Microsoft\Internet Explorer (xxxxx is
the
username)
It gives a detailed log of the IE processing and might give you a hint
of what is happening.
Alan Cuthbertson
Policy Management Software:-
http://www.sysprosoft.com/index.php?ref=activedir&f=pol_summary.shtml
ADM Template Editor:-
http://www.sysprosoft.com/index.php?ref=activedir&f=adm_summary.shtml
Policy Log Reporter(Free)
http://www.sysprosoft.com/index.php?ref=activedir&f=policyreporter.shtml
----- Original Message -----
From:
To:
Sent: Thursday, September 29, 2005 5:07 AM
Subject: RE: [ActiveDir] Working on policy for IE
> Hi Jeff...
>
> Might I suggest putting the sites you wish to be in the trusted sites
on
> your Internet Options on your administrative machine, then open the
> policy,
> and tell it to import. It works fine here doing it that way.
>
> John
>
>
>
>
>
> "Cothern Jeff D.
> Team EITC"
> l>
> Sent by:
cc
> ActiveDir-owner@m
> ail.activedir.org
Subject
> RE: [ActiveDir] Working on
policy
> for IE
> 09/28/2005 01:56
> PM
>
>
> Please respond to
> ActiveDir@xxxxxxx
> tivedir.org
>
>
>
>
>
>
> Yes it says it is applied but when I go in and look it says no sites
when
> I
> am looking under trusted sites.
>
>
> From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
> [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE,
DAVID
> Sent: Wednesday, September 28, 2005 2:06 PM
> To: ActiveDir@xxxxxxxxxxxxxxxxxx
> Subject: RE: [ActiveDir] Working on policy for IE
>
> What does gpresult say? Is it applying the policy?
>
>
>
>
> David Chianese
>
>
>
>
>
> -----Original Message-----
> From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
> [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff
D.
> Team EITC
> Sent: Wednesday, September 28, 2005 1:37 PM
> To: ActiveDir@xxxxxxxxxxxxxxxxxx
> Subject: RE: [ActiveDir] Working on policy for IE
>
>
>
> I verified in the policy that the box is NOT checked. Perhaps I
am
> not doing something correctly. So I will go thru the steps I
did.
>
> Created a new policy. Went under IE maintenance. THen Security.
> Double clicked on Security Zones and Content Rating.
> Checked import current settings then clicked on modify settings.
> Once in modify settings I went to Trusted Sites \ settings and
> unchecked the Require Server verification. I then entered
> *.domain.com and clicked Add. Then hit OK out to the policy.
Closed
> that and had it apply to the machine.
>
> Logged into machine. GPupdate \force then rebooted machine.
Logged
> in as standard user. No change.
>
> Jeff
>
>
> From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
> [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of
CHIANESE,
> DAVID
> Sent: Wednesday, September 28, 2005 1:21 PM
> To: ActiveDir@xxxxxxxxxxxxxxxxxx
> Subject: RE: [ActiveDir] Working on policy for IE
>
> One thing I noticed in trusted sites GPO is that you should
almost
> always uncheck https sites only, otherwise any non https site
added
> in there invalidates the policy and it never applies, even though
> gpresult says it does apply. I hope this helps. It does work
fine
> for us.
>
>
> Regards,
>
>
> David Chianese RHCE, MCSE+I, CNE, CNA
>
>
>
>
>
> -----Original Message-----
> From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
> [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern
Jeff
> D. Team EITC
> Sent: Wednesday, September 28, 2005 1:12 PM
> To: ActiveDir@xxxxxxxxxxxxxxxxxx
> Subject: RE: [ActiveDir] Working on policy for IE
>
>
>
> At a lose here.. I setup a policy that added the trusted
sites
> but it doesnt appear this is doing anything as the trusted
> sites are not being added. The IEAK communite group is of
no
> help. Anyone had any success modifying the trusted sites
thru
> policy?
>
> Jeff
>
>
> From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
> [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of
> Cothern Jeff D. Team EITC
> Sent: Tuesday, September 27, 2005 9:31 AM
> To: ActiveDir@xxxxxxxxxxxxxxxxxx
> Subject: [ActiveDir] Working on policy for IE
>
> Gentlemen
>
> I need to come up with policy for IE I believe. We
have a
> Sharepoint portal running. When initially the user goes
their
> on a new drive the Digital Dashboard tries to install.
> Currently with the security level that is set it wont
install
> unless an admin logs into the machine and goes to the
website.
> My question is. If I set the Portal web page as a trusted
site
> which it is as its internal web site. Would the Digital
> Dashboard install correctly with no further action needed.
> Trusted sites security was not changed from its default
> settings.
>
> Jeff
>
>
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
>
>
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ | | | |
| john.shukovsky.jr@xxxx.yyy
| | 09/29/2005 12:48 PM |
| I have had this issue as well and is a known
issue with MS. The work around was to set the policy on the pdc itself, using
the gpmc from an xp machine did not work. Only difference was I am using 2000
domain. You will have to set the security zone settings on your pdc then go in
and import those settings to the appropriate gpo from the pdc itself. I was reluctant
of configuring my browser on my pdc at first but was only solution that worked.
HTH
From: ActiveDir-owner@xxxxxxxxxxxxxxxxxx
[mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On
Behalf Of Cothern Jeff D. Team EITC
Sent: Thursday, September 29, 2005
8:07 AM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working
on policy for IE
I am Defining the policy on an XP machine. The Domain Controllers are 2003.
The Workstations I am trying to affect are
XP.
From: Katrin
Wilhelm [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Katrin Wilhelm
Sent: Wednesday, September 28,
2005 6:22 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working
on policy for IE
Hi Jeff,
what server is it on which you are defining the policy?
server 2000 or 2003?
Cheers,
Kat
From:
ActiveDir-owner@xxxxxxxxxxxxxxxxxx on behalf of Cothern Jeff D. Team EITC
Sent: Thu 29/09/2005 3:37 AM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working
on policy for IE
I verified in the policy that the box
is NOT checked. Perhaps I am not doing something correctly. So
I will go thru the steps I did.
Created a new policy. Went under IE
maintenance. THen Security. Double clicked on Security
Zones and Content Rating.
Checked import current settings then
clicked on modify settings. Once in modify settings I went to Trusted
Sites \ settings and unchecked the Require Server verification.
I then entered *.domain.com and clicked Add. Then hit OK out to the
policy. Closed that and had it apply to the machine.
Logged into machine. GPupdate \force
then rebooted machine. Logged in as standard user. No
change.
Jeff
From:
ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of CHIANESE, DAVID
Sent: Wednesday, September 28,
2005 1:21 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working
on policy for IE
One thing I noticed in trusted sites GPO
is that you should almost always uncheck https sites only, otherwise any non
https site added in there invalidates the policy and it never applies, even
though gpresult says it does apply. I hope this helps. It does work
fine for us.
Regards,
David Chianese RHCE,
MCSE+I, CNE, CNA
-----Original Message-----
From:
ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff D. Team EITC
Sent: Wednesday, September 28,
2005 1:12 PM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: RE: [ActiveDir] Working
on policy for IE
At a lose here.. I setup a policy that
added the trusted sites but it doesnt appear this is doing anything as the
trusted sites are not being added. The IEAK communite group is of no
help. Anyone had any success modifying the trusted sites thru policy?
Jeff
From:
ActiveDir-owner@xxxxxxxxxxxxxxxxxx [mailto:ActiveDir-owner@xxxxxxxxxxxxxxxxxx] On Behalf Of Cothern Jeff D. Team EITC
Sent: Tuesday, September 27, 2005
9:31 AM
To: ActiveDir@xxxxxxxxxxxxxxxxxx
Subject: [ActiveDir] Working on
policy for IE
Gentlemen
I need to come up with
policy for IE I believe. We have a Sharepoint portal running. When
initially the user goes their on a new drive the Digital Dashboard tries to
install. Currently with the security level that is set it wont install
unless an admin logs into the machine and goes to the website. My
question is. If I set the Portal web page as a trusted site which it is
as its internal web site. Would the Digital Dashboard install correctly
with no further action needed. Trusted sites security was not
changed from its default settings.
Jeff
;Confidentiality:
The
contents contain privileged and/or confidential information intended for the
named recipient of this email.
CVGT does
not warrant that the contents of any electronically transmitted information
will remain confidential.
If the
reader of this email is not the intended recipient you are hereby notified that
any use, reproduction, disclosure or distribution of the information contained
in the email is prohibited.
If you
receive this email in error, please reply to us immediately and delete the
document.
Viruses:
It is the
recipient/client's duties to virus scan and otherwise test the information
provided before loading onto any computer system.
No
warranty is made that this material is free from computer virus or any other
defect or error.
Any
loss/damage incurred by using this material is not the sender's responsibility.
CVGT™s entire liability will be limited to resupplying the material.
Please
contact us at www.cvgt.com.au
for further information regarding
this disclaimer.
This E-mail, including any attachments, may be intended solely for the personal
and confidential use of the sender and recipient(s) named above. This message
may include advisory, consultative and/or deliberative material and, as such,
would be privileged and confidential and not a public document. Any Information
in this e-mail identifying a client of the Department of Human Services is
confidential. If you have received this e-mail in error, you must not review,
transmit, convert to hard copy, copy, use or disseminate this e-mail or any
attachments to it and you must delete this message. You are requested to notify
the sender by return e-mail. | | | |
|
|