Could be a good warning for all users while browsing webpages, but… hey, why does it open when I’m trying to open up files from network shares mapped from a domain?
Well, by default all FQDN names (anything.your.domain) is recognized as internet name. If you just used flat name instead (anything) it would have been recognized as Intranet Zone if your policies are configured well.
Resolution isn’t that complicated:
From user side: Open up IE -> settings -> Security -> Select Local Intranet Zone, click on Sites -> Advanced and add FQDN of fileserver or DFS root domain.
From Group Policies side: Open up Policies (Computer / Users, depends which one fits to your env) -> Administrative Templates -> Windows Components -> Internet Explorer -> Internet Control Panel -> Security Page and double click on Site to Zone Assignment List to edit a list. Set policy to “Enabled” and click on “Show…” button.
In the Value Name Colum, type in FQDN of file server or DFS root domain, in column Value, type in number for specific Security Zone:
- 1 – Intranet Zone
- 2 – Trusted Sites Zone
- 3 – Internet Zone
- 4 – Restricted Sites Zone