Re: XP SP2 Firewall selects Standard profile when computer is properly
From: Bruce Sanderson (Bruce.Sanderson_at_junk.junk)
Date: 09/17/04
- Next message: anonymous_at_discussions.microsoft.com: "Re: Do I really need all these bridges?"
- Previous message: Roberto: "RE: Where is my LAN network icon after SP2 ???"
- In reply to: Morgan Cruse: "RE: XP SP2 Firewall selects Standard profile when computer is properly"
- Next in thread: Morgan Cruse: "Re: XP SP2 Firewall selects Standard profile when computer is prop"
- Reply: Morgan Cruse: "Re: XP SP2 Firewall selects Standard profile when computer is prop"
- Messages sorted by: [ date ] [ thread ]
Date: Fri, 17 Sep 2004 13:36:24 -0700
Nope: still pursueing.
Is this with IBM Thinkpads or other makes and models of computers also? (At
this time, we only have SP2 on the IBM ThinkPad R51s).
-- Bruce Sanderson MVP It's perfectly useless to know the right answer to the wrong question. "Morgan Cruse" <Morgan Cruse@discussions.microsoft.com> wrote in message news:AE63CAF4-7214-4CC2-904B-07042F942945@microsoft.com... > Bruce > > I have the same problem. Did you manage to solve it? > > Morgan > > "Bruce Sanderson" wrote: > >> >> We are rolling out about 180 new IBM ThinkPad R51 laptops with XP SP2 >> installed. These are all joining the domain and receiving the Group >> Policies correctly. I know this is the case because: >> >> 1. the Firewall settings are exactly what is configured in the Group >> Policy >> I have for the SP2 firewall >> 2. I get Event Log entries saying the attempt to install SP1 (done on all >> of >> our XP computers via Group Policy) fails as expected >> 3. other things set by Group Policy are set correctly >> >> However, on at least some of them, the SP2 firewall allways (or at least >> nearly always) selects the Standard firewall profile. This means that we >> can not remotely administer these computers because, via Group Policy, >> the >> Standard firewall profile has no Exceptions. Occasionally, after a >> restart >> (without moving or disconnecting the network cable), the Domain firewall >> profile is selected. >> >> Now, according to >> http://www.microsoft.com/technet/community/columns/cableguy/cg0504.mspx, >> the >> firewall feature determines which profile to use (Standard or Domain) >> based >> on the "Connection specific DNS suffix" and what it was set to when the >> last >> Group Policy updates were received. >> >> I've checked (using ipconfig /all) that the computers selecting the >> Standard >> profile have the exactly the same Connection Specific DNS suffix as those >> that are consistently selecting the Domain profile. >> >> All of these computers have been restarted several times while being >> connected to the network via Ethernet cable. >> >> I've also (while logged on as an administrator) issued the gpupdate >> command >> to force a Group Policy update (after verifying that the Connection >> Specific >> DNS Suffix is correct), then restarted, but the computer still gets the >> Standard firewall profile. >> >> I've tried disconnecting then reconnecting the network cable; issuing >> ipconfig /release, ipconfig /renew; without any success. >> >> I've disabled the wireless network adapter (there is no wireless network >> in >> the office) - still get the Standard firewall profile. >> >> I did not encounter this issue when beta testing SP2, nor while I was >> testing the firewall Group Policy on the 4 Windows XP SP2 (RTM) computers >> (domain members - same domain) at my desk. On these computers, the >> Domain >> Firewall Profile is always selected when the computer is connected to the >> office network and the Standard profile when it is not - just as >> advertised. >> If I disconnect the netrwok cable, the profile changes to Standard; when >> I >> plug the network cable back in again, the profile changes back to Domain. >> >> So: >> >> 1. what diagnostic tools/logs etc. are available to determine why the >> Standard profile is selected incorrectly? >> 2. is there are fix (or workaround) for this problem? >> >> The new computers were "imaged" from the same copy of the system image >> (created via Sysprep and Ghost). >> -- >> Bruce Sanderson MVP >> >> It's perfectly useless to know the right answer to the wrong question. >> >> >> >>
- Next message: anonymous_at_discussions.microsoft.com: "Re: Do I really need all these bridges?"
- Previous message: Roberto: "RE: Where is my LAN network icon after SP2 ???"
- In reply to: Morgan Cruse: "RE: XP SP2 Firewall selects Standard profile when computer is properly"
- Next in thread: Morgan Cruse: "Re: XP SP2 Firewall selects Standard profile when computer is prop"
- Reply: Morgan Cruse: "Re: XP SP2 Firewall selects Standard profile when computer is prop"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
