I need to add a site to trusted sites on all computers in my domain. I can do it with the "site to zone assignment list", however when I do, it locks trusted sites on the client computer "this setting is managed by your administrator". What I need is a way to add the site, make it persistant, and not affects the users ability to add trusted sites of thier own. (It's a development enviroment, sites are created and tested regularly, they need that ability.)
SnapOverflow
If you use logon scripts you could push a .reg file that has the trusted sites in there...that way you're not using the GPO to "take control".
Something similar is described here: http://nefaria.com/2009/10/adding-trusted-sites-for-ie-via-the-registry/
Also, if you don't want to replace what a user has already entered, there is a syntax to "append" data to a registry key...that way you can just add a global list but not wipe out individual additions already made by a user.
Here is some registry editing syntax : http://msdn.microsoft.com/en-us/library/aa371168%28VS.85%29.aspx
Assuming you have WinNT6 clients (Vista / Win7 / Win8), use a Group Policy preference setting to add the REG entry. Preference settings do not restrict the user's UI. Job done.
See Registry Extension TechNet Article for more info.