You ever wants to set websites in Microsoft Internet Explorer as default through your whole environment? Sure, that is one of the use cases of VMware´s Dynamic Environment Manager (DEM). But what if you use the Internet Explorer Enhanced Security Configuration? In that case you have to define which sites are associated with which security zone. There are 4 types of zones in that case:
1 = Intranet zone
2 = Trusted Sites zone
3 = Internet zone
4 = Restricted Sites zone.
This led to the conclusion to do the definition with DEM as well, it´s a website, right? You go to your DEM Management console, use the tab “User environment”. On the left side you choose “ADMX-based Settings”. Click create. Choose “Select Categories” and then User Configuration – Policies – Administrative Templates – Windows Components – Internet Explorer – Internet Control Panel – Security Page, click ok.
Now go to Edit
Select on the left side “Windows Components – Internet Explorer – Internet Control Panel – Security Page. On the right side you will find the policy “Site to Zone Assignment List.
And then you see that:
Now unfortunately, the bad news. In that case I have to tell you, that this is not possible with DEM ADMX-based settings. I explain you why, with that policy will not only be set some registry keys or something like that. This policy is a little bit more complex from the policy perspective. It will run the so called Group Policy extensions. DEM is not able to do the same or in better words can´t simulate that behavior. For that reason, VMware marks that as unsupported settings.
If you want to configure things like that in your environment, please use the usual Active Directory GPOs.
Dynamic Environment Manager (DEM) supports a lot of policies (GPOs) but unfortunately, not that.