Somewhere out there!

By default Windows Terminal Server is quite annoying when dealing with shortcuts and applications mount from a local file server. A per usual with Windows there is quite a lot of documentation out there with information, although it not all clear.

1. “Site to Zone Assignment List” GPO = trusted site?
2. Site to Zone Assignment List – best method here
3. Behavior of Site to Zone Assignment List
4. The Site to Zone Assignment List policy prevents Internet Explorer from using other zone configuration settings when the Internet Explorer Enhanced Security Configuration feature is enabled on a Windows Server 2003 SP1-based computer
5. How to lock down a Windows Server 2003 or Windows 2000 Terminal Server session

Regardless of the above I found the best way to deal in Windows 2003R2 with the GPO was:

Edit the GPO object you wish to apply these settings too. Select [User Configuration\Windows Settings\Internet Explorer Maintenance\Security]. Then double click [Security Zones and Content Ratings], click [Import the current security zones and privacy settings], and then click [Modify Settings]. It should be pretty straight-forward from there. I added my file server sites into Local Intranet, using the form file://uncserver. I found this easy than the “Site to Zone Assignment List” GPO method.