I’d like to add two IP addresses of our servers to the local intranet on a list of computers.
It seems that there are some problem with our policy and some PCs take it while others not.
Is it possible to add them from command line in order to run a batch every time a user logon to domain?
I made some search on the web and I’ve found appcmd.exe but if I’ve understood it’s a tool that belongs to IIS7. Is it the right tool for my need or is there something else?
Create the following registry script in a location they have access to, let's say c:\windows\system32 (or in \servername\netlogon) and name it AddIPLocalIntranet.reg
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range10000]
"https"=dword:00000001
":Range"="199.198.197.196"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range10001]
"https"=dword:00000001
":Range"="199.198.197.197"
I choose a number for the range that was very high, so it would not interfere with any ones you may already have. Use 10000 and 10001. Just edit the IP addresses in the example.
Then create the following batch file to run that registry script in the C:\Windows\system32 directory (or again, the netlogon share) and name it AddIPLocalIntranet.bat
regedit /s C:\ Windows\system32\AddIPLocalIntranet.reg
Add that batch file to any place you want to run it from...logon script, group policy, etc.
I tested this, but in case I typed anything wrong, and it does not work, post back.
For anyone else attempting this, you can also add a domain name instead of IP.
To add domain test.example.com over https to the Intranet zone:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\example.com\test]
"https"=dword:00000001
Install this file using the same method as given by @KCotreau
