7

I’d like to add two IP addresses of our servers to the local intranet on a list of computers.

It seems that there are some problem with our policy and some PCs take it while others not.

Is it possible to add them from command line in order to run a batch every time a user logon to domain?

I made some search on the web and I’ve found appcmd.exe but if I’ve understood it’s a tool that belongs to IIS7. Is it the right tool for my need or is there something else?

Giacomo1968
  • 53,069
  • 19
  • 162
  • 212
nick rulez
  • 305
  • 4
  • 8
  • 18
  • I am not sure about the command line thing, but why don't you tell us more about the underlying problem. I might be able to answer that easier than the actual question. – KCotreau Jul 15 '11 at 20:07
  • Hi KCotreau and thanks for your interesting. You're always very kind. My company has developed a web application that requires to add the ip of two servers to local intranet and to activate some activex. We don't have any chance to work on the policies of the company that uses our application. Unluckily some pcs of this o.u. take the policy in the correct way, while others take just one of the two ips and others no one. This is the reason why I was looking for a way to run a batch at logon in order to add those two ip to every computer that runs our app. Thanks. – nick rulez Jul 15 '11 at 20:18
  • 2
    Hi @eric, please mention users with @ in order to have them get notifications, secondly, please use the [edit] functionality to rewrite/add information to your question rather than have people reading through the comments. – slhck Jul 15 '11 at 20:35
  • @slhck. Hi. I'll follow your advice from the next time. Please forgive me. Bye. :) – nick rulez Jul 16 '11 at 10:25
  • Don't worry about it! @eric – slhck Jul 16 '11 at 10:35

2 Answers2

6

Create the following registry script in a location they have access to, let's say c:\windows\system32 (or in \servername\netlogon) and name it AddIPLocalIntranet.reg

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range10000]
"https"=dword:00000001
":Range"="199.198.197.196"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\Range10001]
"https"=dword:00000001
":Range"="199.198.197.197"

I choose a number for the range that was very high, so it would not interfere with any ones you may already have. Use 10000 and 10001. Just edit the IP addresses in the example.

Then create the following batch file to run that registry script in the C:\Windows\system32 directory (or again, the netlogon share) and name it AddIPLocalIntranet.bat

regedit /s C:\ Windows\system32\AddIPLocalIntranet.reg

Add that batch file to any place you want to run it from...logon script, group policy, etc.

I tested this, but in case I typed anything wrong, and it does not work, post back.

KCotreau
  • 25,519
  • 5
  • 48
  • 72
  • +1. Hi. It works great. I've just removed "s" from https. Thank you very much once again. Have a nice weekend. :) – nick rulez Jul 16 '11 at 10:23
  • 1
    @eric cartman That is one of my best answers ever here. I got it by adding that unique IP to my local Intranet, then searching the registry. From there, I previously had a solution in my private files to a totally different problem, but it used the same format so I plugged your registry info into it. Thank you for the check mark. – KCotreau Jul 16 '11 at 10:57
1

For anyone else attempting this, you can also add a domain name instead of IP.

To add domain test.example.com over https to the Intranet zone:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\example.com\test]
"https"=dword:00000001

Install this file using the same method as given by @KCotreau

Samuel Jaeschke
  • 519
  • 1
  • 8
  • 16