Forum Discussion

lloydmalvern's avatar
lloydmalvern
Copper Contributor
Aug 13, 2021

Example of well-formed local network domain name in relevant ActiveDirectory policies governing Edge

There are several Active Directory policies governing Edge behavior that ask for a domain name,  SmartScreenAllowListDomains and AutoOpenFileTypes  and ExemptDomainFileTypePairsFromFileTypeDownloadWarnings for example.

 

In the context of a ClickOnce desktop application deployment to an intranet website, where the internal (not public facing) installer web page would be referenced as follows:

 

https://myintranetwebserver/apps/appname/publish.htm

 

1. How would these Edge policy registry entries refer to the domain? Is it the internal domain to which myintranetwebserver belongs, i.e. *.ourdomain.net  or perhaps https://*.ourdomain.net ? Or is it https://myintranetwebserver  or https://*.myintranetwebserver

 

[SIDE NOTE: the intranet web server has a self-signed SSL certificate which is imported into the appropriate certificate store on user machines to allow for SSL encryption between user desktops and the intranet web server.]

 

2. When specifying AutoOpenFileTypes is there a way avoid making them global and only applicable to specified domains, as can be done with ExemptDomainFileTypePairsFromFileTypeDownloadWarnings   where a file-type extension is linked to an array of domain names?

 

3. What is the expected combined behavior when policies for both AutoOpenFileTypes and ExemptDomainFileTypePairsFromFileTypeDownloadWarnings appear in the registry?

 

Are there precise definitions (rather than simple bullet-type blurbs) for the behavior of each of those settings?

 

 

Resources