policy statement
In an enterprise, due to different job contents, different job responsibilities, different websites accessed by each department, and the particularity of some websites, it is necessary to add trust to the address to access normally, but the authority cannot be delegated to the user's computer or account, so The administrator needs to add trust uniformly to the domain policy.
setup steps
- Open the group policy by command gpmc.msc on the domain control server;
- Here I set it directly in the default group policy Default Domain Policy, right-click "Edit";
- Find in order: Computer Configuration - Policies - Administrative Templates - Windows Components - Internet Explorer - Internet Control Panel - Security Page - Site to Zone Assignment List;
- Edit "Site to Zone Assignment List"—check "Enabled"—display;
- Here, take the Baidu homepage as an example, add it to the trusted site, the value is 2;
security area description
Internet Explorer has four security zones, numbered 1-4, that are used by this policy setting to associate sites with zones. The 4 zones are:
(1) Intranet zone,
(2) Trusted sites zone,
(3) Internet zone, and
(4) Restricted sites zone.
Security settings can be set for each of these zones through additional policy settings, and the default settings for these zones are as follows: Trusted Sites Zone (Low Template), Intranet Zone (Medium Template), Internet Zone (Medium Template), and Trusted Sites Zone (Low Template) Restricted site area (high formwork). (The Local Computer zone and its locked equivalent have special security settings that protect the local computer.)
- Check the computer in the domain environment, and the URL has been successfully added to the local trusted site;