OK, so why then isn't it working? When I do a Group Policy Wizard, and choose my user and test VM, I do see my domain in (Computer) Windows Components/Internet Explorer/Compatibility View
*.wrk.ads.xxx.xxx.xxx I also see "Use Pop-Up Blocker" disabled, under (Computer) Windows Components/Internet Explorer/Internet Control Panel/Security Page/Trusted Sites Zone. I even set the same things under the User Configuration (Compatibility View settings, and pop-up blocker settings). So how come when I log in as that user, on that machine, and go to the local website, I see that the Security page says I am in the Trusted Zone, but I don't see pop-ups disabled. And I don't see my domain under Compatibility View. It is IE11 (version 11.0.9600.18059). So what is the deal here? Ordinarily, I'd run rsop.msc, but this is a regular user, and the other GPO settings prohibit running it. I suppose I could temporarily make the user a local admin, so I could check. But the GP Wizard says they are set. Am I just setting the wrong things? How can I disable pop-ups in the Trusted Zone, and add my internal domain to Compatibility View, if I don't use the template? Am I going to have to push out a registry setting or something? On Fri, Jun 2, 2017 at 10:21 AM, <dylan.mar...@bench.com> wrote: > Michael, > > Compatibility View settings are managed here: > > Computer Configuration -> Administrative Templates -> Windows Components -> > Internet Explorer -> Compatibility View > > The settings you are looking for is "Use Policy List of Internet Explorer 7 > sites", that is what the compatiblity view does. > > https://docs.microsoft.com/en-us/internet-explorer/ie11-deploy-guide/missing-the-compatibility-view-button > > -----Original Message----- > From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] > On Behalf Of Michael Leone > Sent: Friday, June 02, 2017 4:00 PM > To: ntsysadm@lists.myitforum.com > Subject: [NTSysADM] Re: Using GPO to allow pop-ups and to set compatibility > settings - MORE > > Apparently, a long time back, I did add my internal domain to the "Trusted > Sites" zone via a GPP registry setting, as well as pushing out my internal CA > cert. (just goes to shwo, getting old sucks. Only thing worse is not getting > old ..) > > Anyway, when I go to the new VOIP server, and try to log in via web interface > (to see reports, etc), > > I am NOT prompted for a cert > The site does show as a "Trusted Site" > > Good! > > BUT ... even so, pop-ups say they are enabled, and I don't see my internal > domain in Compatibility View. > > I've already disabled pop-up blockers in the Internet Control Panel/Security > Page/Trusted Sites Zone for computers. Guess I'll try it for User > Configuration ... > > > Still haven't found where to add to Compatibility View ... > > > On Fri, Jun 2, 2017 at 9:13 AM, Michael Leone <oozerd...@gmail.com> wrote: >> Today we start rolling out a new VOIP phone system (I haven't been >> involved with any of this). >> >> This morning I get an email, saying that some of our staff will need >> to access the system via a web interface, and that we need to turn off >> pop-up blockers for that site, and to add this site to COmpability >> View. >> >> <SIGH> >> >> Why they just didn't wait to ask this until after we'd changed out >> 1,000 Nortel phones for Cisco phones? >> >> Anyway: >> >> I've already pushed out our internal root cert, so they shouldn't be >> asked to accept an unknown cert. This works for IE, but not for >> Chrome, for some reason. But I'll get back to that. >> >> Anyway, since we use IE 10 and IE 11 (no Edge, no Win 10, everybody is >> still Win 7), I think I need to use GP to: >> >> Computer Configuration/Policies/Administrative Templates/Windows >> Components/Internet Explorer/Pop-up Allow List >> >> and add "*.<my internal domain>" >> >> (that won't erase any other pop-up settings they may have manually >> entered, will it?) >> >> But where do I do that for Compatibility View? I see a "Compability >> View" sub-section there, but nothing that looks like "Add this local >> domain". >> >> Sorry for the rushed questions, but like I say, this is the first I am >> hearing of this. How they did not notice this during testing, I have >> no clue ... >> >> Thanks > >