I believe Group Policy has the ability to prevent users from changing which zone a domain is in. Did someone change the policy? Also the same Zone information is used by .NET (so they could have changed it for that not realizing it would affect IE).
Just my 2 cents. Fred -----Original Message----- From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of D Dussie Sent: Friday, September 14, 2012 2:33 PM To: arslist@ARSLIST.ORG Subject: Re: [EXTERNAL] IE Trusted Site Meduim Security is Blocking Report Download (cvs, etc) Thanks for the responding Natalie. 1. The domain in question is applied with group policy and forced on each login. So, the user has the ability to remove the setting locally each time, but that would be a nussiances. Actually, it does not work in IE8, either. But currently, IE7 is the corporate standard. However, I am addressing IE8, with its rollout. 1a. It works in all other browsers not management by any policy. So, this rules out the proxy.pac. 2. Yes, we can put in the local intranet which has med-low security setting, but the issue it is current in trusted site. (in our environment with many applications to consider, removing it will be an issue, as the impact cannot to gauged, especially for critical apps.) The solution i can think of, 1. is new domain. Which will be alot of work 2. have users install non-standard browser, which group policy don't control. 3. users go directly to http servers, behind bigip (worst solution, but still one) _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug12 www.wwrug12.com ARSList: "Where the Answers Are"