Follow

Client Security Settings via Group Policies by Administrators

In this article we will show you how to add sites to the local intranet zone using Group Policy and Active Directory and how to add the AuthForwardServerList registry key to your clients.

Adding sites to the Local Intranet Zone

  1. Create a new Group Policy in a Operational Unit which includes the users you want the policy to apply to.
  2. In User Configuration > Preferences > Windows Settings >Registry create the following Registry keys located at: HKEY_CURRENT_USER > Software > Microsoft > Windows > CurrentVersion > Internet Settings > ZoneMap > Domains > "example.dk" > *

    Then add DWORDS for the protocols you want to add to the Local Intranet Zone loand set the value of the keys to 1.

    In this example all sites under vestconsult.dk are added to the Local Intranet Security Zone.

Adding the AuthForwardServerList key

  1. Add a Multi-String Value named "AuthForwardServerList" under HKEY-LOCAL-MACHINE > System > CurrentControlSet > Services > WebClient > Parameters
    Set it's value to *.example.dk (replace example.dk with your domain)

 

Configure Proxy settings

  1. Logon to a client where you are able to set your proxy settings manually.
  2. Remove the checkmark at the "Automatically detect settings" box. (see below)
    - Open Internet Explorer
    - Go to Internet Options
    - Select Connections pane
    - Click the button LAN Settings
    - Uncheck 'Automatically detect settings' if checked


    - Now click OK.

  3. Now open Regedit on the client and copy the value of the following DWORD:

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings.

  4. Create a new GPO and Edit it: User Configuration-->Preferences-->Windows Settings-->Registry-->New-->Registry Item-->Action (Update) -->Key Path: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\DefaultConnectionSettings

  5. Now insert the value you copied from the client into the DefaultConnectionSettings of your GPO.

 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments