Cisco AnyConnect VPN Client Administrator Guide, Version 2.0
Using Microsoft Active Directory to Add the Security Appliance to the List of Internet Explorer Trusted Sites for Domain Users
Downloads: This chapterpdf (PDF - 76.0KB) The complete bookPDF (PDF - 5.03MB) | Feedback

Using Microsoft Active Directory to Add the Security Appliance to the List of Internet Explorer Trusted Sites for Domain Users

Table Of Contents

Using Microsoft Active Directory to Add the Security Appliance to the List of Internet Explorer Trusted Sites for Domain Users


Using Microsoft Active Directory to Add the Security Appliance to the List of Internet Explorer Trusted Sites for Domain Users


An Active Directory Domain Administrator can push a group policy to domain users that adds the security appliance to the list of trusted sites in Internet Explorer. Note that this differs from the procedure to add the security appliance to the list of trusted sites by individual users, described in Adding a Security Appliance to the List of Trusted Sites (Internet Explorer), page 2-3. This procedure applies only to Internet Explorer on Windows machines that are managed by a domain administrator.


Note Adding a security appliance to the list of trusted sites for Internet Explorer is required for those running Windows Vista who want to use WebLaunch.


To create a policy to add the Security Appliance to the Trusted Sites security zone in Internet Explorer by Group Policy using Active Directory, perform the following steps:


Step 1 Log on as a member of the Domain Admins group.

Step 2 Open the Active Directory Users and Computers MMC snap-in.

Step 3 Right-click the Domain or Organizational Unit where you want to create the Group Policy Object and click Properties.

Step 4 Select the Group Policy tab.

Step 5 Click New.

Step 6 Type a name for the new Group Policy Object and press Enter.

Step 7 To prevent this new policy from being applied to some users or groups, click Properties. Select the Security tab. Add the user or group that you want to prevent from having this policy, then clear the Read and the Apply Group Policy check boxes in the Allow column. Click OK.

Step 8 Click Edit.

Step 9 Navigate to User Configuration > Windows Settings > Internet Explorer Maintenance > Security.

Step 10 Right-click Security Zones and Content Ratings in the right-hand pane and click Properties.

Step 11 Select Import the current security zones and privacy settings. If prompted, click Continue.

Step 12 Click Modify Settings.

Step 13 Select Trusted Sites and click Sites.

Step 14 Type the URL for the Security Appliance that you want to add to the list of Trusted Sites and click Add.
The format can contain a hostname (https://vpn.mycompany.com) or IP address (https://192.168.1.100).
It can be an exact match (https://vpn.mycompany.com) or a wildcard (https://*.mycompany.com).

Step 15 Click Close (or OK and OK).

Step 16 Click Close (or OK until all dialog boxes are closed, and close any snap-in window)s.

Step 17 Allow sufficient time for the policy to propagate throughout the domain or forest.