Site To Zone Assignment List Unc

This seems like it shouldn't be hard, but I haven't had any luck with either guessing or searching. I'll admit I'm no Windows guru, so forgive me if the answer should be obvious.

I'm trying to get Windows to stop giving me security warnings when I open files or links from a DFS share. I already have a GPO in place which does this for a couple of other network shares:

Here, I've added and to zone 1 (intranet), and the network shares from these hosts are correctly treated as trusted intranet sites.

However, I now want to add to the intranet zone as well. Adding it just like that appears not to work (and on my client machine it appears in the list as ).

"Turn on automatic detection of the intranet" is also enabled, although I've never been clear on how that actually works.

Servers and DCs are 2008 R2 and clients are (mostly) 7 Pro.

Edit: The next day, it appears that the listing of is in fact having the desired effect. I hadn't logged out and back in during testing; I just did a and confirmed that the GPO settings appeared in the Internet Options dialog. Is this a bug or just another arcane Windows thing that I don't quite understand?

windowsgroup-policydfs

Product: ProfileUnity

Product Version: 4.8.1

Expires on: 365 days from publish date

Updated: May 15, 2012

 

Problem:

Launching applications or shortcuts from a redirected folder requires security verification

 

Symptoms:

Each time the user double-clicks an item in a redirected folder they see a pop-up message warning the user and asking the user to confirm that they want to open that item. This is most commonly the Desktop but it's possible for this to occur with the Personal or My Documents folder, and may be seen with other redirected folders as well.

 

Possible Resolution:

This pop-up can be prevented using two GPO settings.

1. Located under:

Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page

Set the "Site to Zone Assignment List." Add the fully qualified domain name of the file server with a value of 2 (trusted sites).

2. Located under:

Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Security Page\Trusted Sites Zone

Set "Launching programs and unsafe files" to Enabled.

You may need to reboot for settings to fully apply

 

Related KB: "Open File - Security Warning" - How trust UNC Path using ProfileUnity

Related KB: How to avoid "Open File - Security Warning" when launching programs from redirected folders to TCP/IP locaton

Was this article helpful?0 out of 0 found this helpful

Have more questions? Submit a request

0 thoughts on “Site To Zone Assignment List Unc

Leave a Reply

Your email address will not be published. Required fields are marked *