I want to ensure that Internet Explorer on all domain computers trust all domain servers.
The specific problem I have is with our on premises installation of Dynamics CRM 2011. I have the requirement to show a page within an iframe, this page uses Windows Authentication to authenticate users and audit actions.
When I load the view with the iframe, out of the box, IE will seemingly place the site in its restricted zone and ultimately I get a 401 error.
I have created a test site with the same Windows Update configuration to load in the iframe and explicitly adding this to the trusted sites zone works but this is a pain to do on each machine and is a work around. As far as I’m concerned, each client should trust our internal servers and should fall into the Intranet Zone.
How can I force the behaviour I require?
You can configure these settings via Group Policy. Computer Config>>Administative Templates>>Windows Components>>Internet Explorer>>Internet Control Panel>>Security Page then look at the Site to Zone Assignment List policy.