Problem
You want to add a site to a specific Internet Explorer security zone.
Solution
To create the registry keys and properties required to add a site to a specific security zone, use the NewItem and NewItemProperty cmdlets. Example 183 adds www. example.com to the list of sites trusted by Internet Explorer.
Example 183. Adding www.example.com to the list of trusted sites in Internet Explorer
SetLocation "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings" SetLocation ZoneMap\Domains NewItem example.com SetLocation example.com NewItem www SetLocation www NewItemProperty . Name http Value 2 Type DWORD
The Internet Explorer zone identifiers are:
- My Computer
- Local intranet
- Trusted sites
- Internet
- Restricted sites
When Internet Explorer is configured in its Enhanced Security Configuration mode, you must also update entries under the EscDomains key.
Once a machine has enabled Internet Explorer’s Enhanced Security Configuration, those settings persist even after removing Enhanced Security Configuration. The following commands allow your machine
to trust UNC paths again:
SetLocation "HKCU:\Software\Microsoft\Windows\" SetLocation "CurrentVersion" SetLocation "Internet Settings" SetItemProperty ZoneMap UNCAsIntranet Type DWORD 1 SetItemProperty ZoneMap IntranetName Type DWORD 1
To remove the zone mapping for a specific domain, use the RemoveItem cmdlet: PS >GetChildItem
Hive: Microsoft.PowerShell.Core\Registry::HKEY_CURRENT_USER\Software\Mi crosoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains
SKC
VC Name
Property
1
0 example.com
{}
PS >RemoveItem Recurse example.com PS >GetChildItem PS >
For more information about using the Internet Explorer registry entries to configure security zones, see the Microsoft KB article “Description of Internet Explorer Security Zones Registry Entries” at http://support.microsoft.com/kb/182569. For more information about managing Internet Explorer’s Enhanced Security Configuration, search for it on http://technet.microsoft.com.
