Re: XP SP2 Firewall

Hi Steve

Both those settings are already enabled to allow the Remote Assistance
binaries and to allow RPC service on port 135.

Local admins can create new ports and program exceptions, they just need
to be able to enable File & Print when required.

Before I added this policy, the firewall settings that were configured
by GP were grayed out, those that weren't could be changed as required.

Not sure if this would make any difference but we have loopback
processing enabled in merge mode.

thanks
Andrew
In article <etpt9SgoFHA.2920@xxxxxxxxxxxxxxxxxxxx>, n9rou@nospam-
comcast.net says...
> Hi Andrew.
>
> Try enabling the Group Policy settings for allow local program exceptions
> and allow local port exceptions to see if that helps. --- Steve
>
>
> "AndMart" <aahhrg2REMOVEME@xxxxxxxxxxx> wrote in message
> news:MPG.1d6a5fdcd0d17e9f989680@xxxxxxxxxxxxxxxxxxxxxxx
> > Hi
> >
> > I do want the Firewall to run, I just want the local admins to be able
> > to change those settings that are not set by Group Policy.
> >
> > thanks
> > Andrew
> >
> > In article <8DEFD22B-DEB5-483C-A257-F947F8F0EA37@xxxxxxxxxxxxx>,
> > VMM@xxxxxxxxxxxxxxxxxxxxxxxxx says...
> >> Hi,
> >>
> >> You shold set to not configured the following policy:
> >> Windows Firewall: Protect all network connections under Computer
> >> Configuration | Administrative Templates | Network | Network Connections
> >> |
> >> Windows Firewall | Domain Profile
> >>
> >> If you disable this policy setting, Windows Firewall does not run. This
> >> is
> >> the only way to ensure that Windows Firewall does not run and
> >> administrators
> >> who log on locally cannot start it.
> >>
> >> If you do not configure this policy setting, administrators can use the
> >> Windows Firewall component in Control Panel to turn Windows Firewall on
> >> or
> >> off, unless the "Prohibit use of Internet Connection Firewall on your DNS
> >> domain network" policy setting overrides.
> >>
> >> Regards,
> >> "AndMart" wrote:
> >>
> >> > Hi
> >> >
> >> > I have setup a policy to enable Unsolicited Remote Assistance for PCs
> >> > within our subnet, which is working fine. However, the local admins
> >> > have
> >> > noticed that since the policy was deployed they are unable to make
> >> > changes to the existing Firewall settings. They can add new exceptions.
> >> >
> >> > For example, the File & Print sharing option is grayed out but the
.

Relevant Pages

  • Re: GPInventory
    ... The settings look fine but possibly your Group Policy settings are not ... settings for the computer configuration, ... Windows Firewall: ...
    (microsoft.public.windowsxp.security_admin)
  • RE: Is Symantec Antivirus 10.1 a usable product?
    ... provide exceptions for 3 or 4 programs. ... Click on the "Application Settings" tab. ... Windows Firewall Group Policy Settings: ...
    (microsoft.public.windows.server.sbs)
  • RE: group policy
    ... Windows firewall seettings should NOT be propagating to any servers. ... COntrollers and server OUs should be set to not allow inheritance. ... is the best policy and makes life SO much easier. ... Based on what you said about the settings having to be under the domain ...
    (microsoft.public.windows.server.sbs)
  • RE: group policy
    ... "Windows Firewall" settings should work properly in Group Policy. ... The domain profile settings that are used by the computers when they are ...
    (microsoft.public.windows.server.sbs)
  • Re: Windows XP firewall and RPC question
    ... I went into Group Policy Management, ... Small Business Server Windows Firewall and selected Edit. ... I think you can just change the settings in GPO back to the default after ... If the test does not involve all machines, I suggest you create a new OU ...
    (microsoft.public.windows.server.sbs)