Re: Firewall exceptionlist with GP

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 01/11/05 

Date: Tue, 11 Jan 2005 11:28:26 -0600

You can do that if you edit the Group Policy from a Windows XP SP2 computer
and of course you will have to logon as a domain admin so make sure the
computer is "secured" as normally a user should not be logging onto any old
domain computer - keyboard loggers, etc you know.

Open mmc and add the Group Policy snapin and browse over to the domain GPO
you want to manage. There is however a problem with the new XP SP2 Group
Policy templates which you want to fix FIRST by a patch as shown in the link
below or you will get a bunch of error messages about "something being too
long" and lock up the computer possibly.

http://support.microsoft.com/default.aspx?kbid=842933

As far as the GPO look under computer configuration/administrative
templates/network connections/network/Windows firewall/domain profile for
when users are physically connected to the lan. --- Steve

"Draughtsman" <mail@rathernot.com> wrote in message
news:Xns95DB79F341261QwErTy@207.46.248.16...
> Hi,
>
> When I open the settings of the Firewall on a client, I can edit the
> program exception list and ports for that client.
>
> Is there a way with GP I can make a program exception list for all the
> clients? And if so which GPO must I use?
> I know you can configure the Firewall settings for all the clients with
> the
> GPMC, but I can't seem to find a GPO where I can edit such things.
>
> grtz,
>
> Draughtsman.
>

Relevant Pages

  • Re: Group Policy
    ... I have a feeling that is where my issue is coming from with the administrators desktops being affected by my group policy. ... Check that the IE version is supported, shown in the settings ... Please post the path to the GPO setting. ... gpupdate /force on the client machine to update the settings. ...
    (microsoft.public.windows.server.setup)
  • Re: Unable to save GPO edits in Windows 2003 Small Bussiness Serve
    ... I am able to create GPO's on my test server and edit them as ... to delete the GPO at the very least. ... Group Policy Management "The server is unwilling to process the request" ...
    (microsoft.public.windows.server.sbs)
  • Re: Unable to save GPO edits in Windows 2003 Small Bussiness Serve
    ... The test server is the same OS as the server I am having issues with. ... I should be able to delete the GPO at the very least. ... I have tried to edit the new policy to push out workstation settings with no avail. ... Administrative Templates "The Group Policy snapin was unable to save your changes due to the following error: Logon failure: unknown username or bad password." ...
    (microsoft.public.windows.server.sbs)
  • Re: Group Policy
    ... Group policy refresh is done automatically between 90-120 minutes. ... If you like to changes immediately you have to make sure changes are replicated between all DCs and then run gpupdate /force on the client machine to update the settings. ... The client must be located in the OU where the GPO is linked to. ...
    (microsoft.public.windows.server.setup)
  • Re: Group Policy to control custom server application
    ... You'll be hard-pressed to do this via GPO. ... There is no remote notification mechanism in Group Policy that you can rely on. ... I don't see how you can let the server app know that the client has logged on without some kind of event-based notification communication between client and server. ...
    (microsoft.public.windows.server.active_directory)