Consider a domain environment. I have an internal intranet site built on Sharepoint, which automatically displays information about the user currently logged on. There is no credential prompt for the user when he opens this URL in IE. This URL is added to the Trusted Sites for all users, mostly done in time by manual configuration by each user. The configuration for the Security Settings under "User Authentication\Logon" is set to "Automatic logon with current user name and password".
Recently we've modified this scenario as follows: using group policy preferences we've specified the intranet URL as an intranet site. Therefore we now have the same URL defined both in Intranet sites as well as Trusted sites. In order to increase the security against Trusted sites, we've changed the "User Authentication\Logon" setting to "Automatic logon only in Intranet zone". The problem now is that clients are being prompted for credentials when opening the intranet page. Taking the intranet URL off the Trusted sites list makes the automatic authentication work without any issues for a specific user. Therefore it seems there's a problem when the same URL is mentioned for both Intranet and Trusted sites, and when the logon settings are different for these 2 types of zones.
Is there a way we could fix this, without having to revert the Trusted sites setting to "Automatically logon with user name and password" ? Perhaps a way to only remove this URL from the list of each user's Trusted Sites, without affecting the rest there ?