Sometimes when working on a XenApp server and publishing websites through Internet Explorer, you may have a need to temporarily add the website to the Local Intranet or Trusted Sites zone for testing purposes. Usually NTLM passthrough windows authentication won’t work unless the website is part of the Local Intranet zone. Your users will get a popup box asking for their credentials. In multidomain environments, things can get especially hairy sometimes with the way IE detects a Local Intranet website. You can add the site manually in IE after the website has launched but it’s per profile. If you want to add it for all users on the server, group policy is the way to go. Associating a site with a zone can be accomplished through group policy at the domain level easily but sometimes you just want to test things first and it’s quicker to edit the local group policy on the server.
So to do that on Server 2008 R2, go to Start > Run > gpedit.msc
From there you will see Computer Configuration and User Configuration. We want Computer Configuration. Drill down to:
Administrative Templates > Windows Components > Internet Explorer > Internet Control Panel > Security Page
Double click on Site to Zone Assignment List and click the “Enabled” radio button.
Then click “Show…”
A new box will pop up. For the Value name, you want to type in the name of your website. For the Value, you want to specify a number 1 through 4. These correlate to the zones which are:
1. Intranet zone
2. Trusted Sites zone
3. Internet zone
4. Restricted Sites zone
Hit OK to both windows and you’re done. You can test by launching your published IE website. It should now be associated with the zone you specified. You can verify in IE by pressing Alt to bring up the menu bar, then File > Properties and under Zone it will tell you the zone of the current website. Every user that launches the published IE app on your server will have the website in the zone you specified.