Add a Trusted Site in IE using KiXtart

11th September 2007, 05:33 pm

At Ergotron, we have a browser based, third party application that works best when the server is added to the Trusted Sites Zone in Internet Explorer. In a perfect world, we could bug the developers to make it run correctly on the principle of least privilege, but that’s not likely to happen.

trusted_sites_details.png

So, I added code to our log on script, which is written in KiXtart, to add the servers for this application to the Trusted Sites Zone.

Here’s the main function:

; Add a site to the Trusted Sites Zone
FUNCTION AddTrustedSite ($Protocol, $Server, $Domain)
	$DomainsKey = "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains"
	$SiteKey = '$DomainsKey\$Domain\$Server\'
	$SiteValue = $Protocol
	$TrustedSitesZone = 2
 
	$Result = WRITEVALUE ($SiteKey, $SiteValue, $TrustedSitesZone, "REG_DWORD")
ENDFUNCTION

I also wanted a way to remove sites from the Trusted Sites Zone as well:

; Delete a site from the Trusted Sites Zone
FUNCTION DeleteTrustedSite ($Protocol, $Server, $Domain)
	$DomainsKey = "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains"
	$SiteKey = '$DomainsKey\$Domain\$Server\'
	$SiteValue = $Protocol
 
	$Result = DELVALUE ($SiteKey, $SiteValue)
ENDFUNCTION

Now, to use these functions:

; Add buggy application to the Trusted Sites Zone
AddTrustedSite ("http", "buggyapp", "example.com")
 
; Remove fixed application from the Trusted Sites Zone
DeleteTrustedSite ("http", "fixedapp", "example.com")

The value passed to $Protocol can be “http”, “https”, “file”, “ftp” or “*”. If “*” is used, the site will be trusted when it is accessed using any protocol. If anything other than “https” is specified, you must disable the “Require server verification (https) for sites in this zone” option.

This is how to disable the “Require server verification (https) for sites in this zone” option:

; Do not require https for sites in the Trusted Sites zone
$TrustedSitesFlags = VAL (READVALUE ("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\", "Flags"))
$TrustedSitesFlags = $TrustedSitesFlags | 4
$Result = WRITEVALUE ("HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2\", "Flags", $TrustedSitesFlags, "REG_DWORD")
Category: System Administration  |  Comment  |  E-Mail  |  Print This Post Print This Post

Typing Pīnyīn on Windows

29th August 2007, 01:00 pm

Rob Rohan has a quick, easy way to allow typing pīnyīn on Windows with tone marks. It only took me a minute to install it and start using it and it works great.

Category: Uncategorized  |  Comment  |  E-Mail  |  Print This Post Print This Post

Getting back DMA mode in Windows

17th August 2007, 07:30 pm

ATA drives that run in PIO mode instead of DMA mode use a lot of CPU any time that data is transferred to or from the drive. This can cause significant performance problems. Common symptoms are slow boot times, erratic or stuttering mouse movement, CD or DVD burning failure, and stuttering while watching DVD movies.

I’ve used this method countless times to re-enable DMA mode on stubborn hard drives and CD-ROM drives:

Getting back to DMA mode in Windows

That post says Windows XP, but the technique is the same for Windows 2000, Windows Server 2003, Windows Vista and probably Windows Server 2008.

Category: System Administration  |  Comment  |  E-Mail  |  Print This Post Print This Post