Re: Managing Group Policy on XP SP2
From: d mac (dmac_at_discussions.microsoft.com)
Date: 09/29/04
- Next message: Mark Renoden [MSFT]: "Re: Control Panel Locked Out"
- Previous message: Steven L Umbach: "Re: HELP!!! Unable to logon to Server 2000"
- In reply to: billj: "Re: Managing Group Policy on XP SP2"
- Next in thread: Darren Mar-Elia: "Re: Managing Group Policy on XP SP2"
- Reply: Darren Mar-Elia: "Re: Managing Group Policy on XP SP2"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 28 Sep 2004 17:53:02 -0700
I'm glad I'm not the only one. I will definitely know if I find any fixes.
For the time being, I'm enabling the policy through the workstation that has
XP SP2 and it seems to be applying through the domain controllers, however
the programs don't show up on the list in the Windows Firewall like I would
expect. Can you see if this is the same experience for you? I'm guessing
it's doing this because the policy isn't listed on the servers but still
affects the machines as a policy.
d mac
"billj" wrote:
> I've been facing the EXACT same issue since yesterday. If you come up with a
> solution, it would be great to post it here. I'll do the same.
>
> billj
>
> "d mac" wrote:
>
> > I imported the ADM files from the XP SP2 workstation and still some of the
> > policies are missing (as mentioned below). I even imported the ADM files
> > from the Microsoft website (at
> > http://www.microsoft.com/downloads/details.aspx?FamilyID=92759d4b-7112-4b6c-ad4a-bbf3802a5c9b&DisplayLang=en) and still there are some missing.
> >
> > It seems like there might be certain policies that aren't compatible with
> > Windows 2000 Server. Does anyone know what I should try next?
> >
> > Thanks,
> >
> > d mac
> >
> > "d mac" wrote:
> >
> > > Hi there,
> > >
> > > I downloaded the 842933 patch before opening the GPO on the XP SP2
> > > workstation, so I haven't had any of the "The following entry in the
> > > [strings] section is too long and has been truncated" errors. But I still
> > > have the issue where not all the policies are showing up on the Windows 2000
> > > Server vs. the XP SP2 workstation. Is this a known issue?
> > >
> > > I will try Hunter's suggestion on manually importing the ADM files on the
> > > Windows 2000 server to see if that updates all the policies on the domain
> > > controllers to match the same amount showing on the XP SP2 workstation.
> > >
> > > I'll let you know how it goes.
> > >
> > > Thanks
> > >
> > > d mac
> > >
> > > "Bruce Sanderson" wrote:
> > >
> > > > http://support.microsoft.com/?kbid=842933 documents this problem and has a
> > > > patch available.
> > > >
> > > > --
> > > > Bruce Sanderson MVP
> > > >
> > > > It's perfectly useless to know the right answer to the wrong question.
> > > >
> > > >
> > > > "Hunter" <anonymous@discussions.microsoft.com> wrote in message
> > > > news:1b9601c4a1a0$6a628fa0$a401280a@phx.gbl...
> > > > > You might try gathering up the XP .adm templates, copying
> > > > > them to temp folder on the 2000 DC. Then opening the A/D
> > > > > Group policy on the 2000 box right click on the
> > > > > Admisitrative templates container, choose add snap-in.
> > > > >
> > > > > It'll show the ones currently in use in the wnnt/inf
> > > > > folder, Browse over to the new ones in the temp folder
> > > > > and select add, it should ask you about overwriting etc.
> > > > >
> > > > > Choose yes.
> > > > >
> > > > > Once the new ones are copied in you will probably get a
> > > > > bunch messages stating the new ones are too long or
> > > > > something, but you'll have to hunt down an update for this
> > > > > I think I found it at microsoft tech experts page on XP,
> > > > > but it didn't seem to want to be found with search.
> > > > >
> > > > > Anyways, maybe that will help.
> > > > >
> > > > > Regards
> > > > >
> > > > > Hunter
> > > > >
> > > > >
> > > > >
> > > > >>-----Original Message-----
> > > > >>I updated our GPO on our Windows 2000 domain controllers
> > > > > with the latest ADM
> > > > >>files from XP SP2. I did this by opening up the GPO on a
> > > > > Windows XP Pro
> > > > >>workstation with SP2 and it automatically replicated the
> > > > > ADM files to our
> > > > >>domain controllers. See document at
> > > > >>http://www.microsoft.com/technet/prodtechnol/winxppro/main
> > > > > tain/mangxpsp2/mngdepgp.mspx
> > > > >>
> > > > >>However, it seems like not all of the ADM files are
> > > > > replicating to the
> > > > >>Windows 2000 servers. For example, in the policy
> > > > > path "Administrative
> > > > >>Templates\Network\Network Connections\Windows
> > > > > Firewall\Domain Profile" there
> > > > >>are only 12 policies listed on the Windows 2000 Server
> > > > > but on the XP SP2 box,
> > > > >>there are 14 policies. The two that are missing are:
> > > > >>
> > > > >>Windows Firewall: Define program exceptions
> > > > >>Windows Firewall: Define port exceptions
> > > > >>
> > > > >>Is this by design or is there something wrong with the
> > > > > replication process?
> > > > >>It would be nice to be able to define program exceptions
> > > > > because there are a
> > > > >>couple programs within our environment that won't work
> > > > > unless we can exclude
> > > > >>them. It would be preferable to do this through GP
> > > > > instead of manually going
> > > > >>to each machine and defining the program exceptions.
> > > > >>
> > > > >>Thanks,
> > > > >>
> > > > >>d mac
> > > > >>.
> > > > >>
> > > >
> > > >
> > > >
- Next message: Mark Renoden [MSFT]: "Re: Control Panel Locked Out"
- Previous message: Steven L Umbach: "Re: HELP!!! Unable to logon to Server 2000"
- In reply to: billj: "Re: Managing Group Policy on XP SP2"
- Next in thread: Darren Mar-Elia: "Re: Managing Group Policy on XP SP2"
- Reply: Darren Mar-Elia: "Re: Managing Group Policy on XP SP2"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
