We have the following group policy settings in OU:
http://www.aijaa.com/v.php?i=3777399.pnghttp://www.aijaa.com/v.php?i=3777404.pngDomain profile sets firewall off when host is connected to corporate domain. Standard profile sets firewall on when laptops are out of corporate domain network.
For some reason, one desktop computer (Vista Business) thinks it is out of the domain when determining which Firewall profile to use. It is never moved out of the domain. Here is a capture of "netsh firewall show state" command:
Firewall status:
--------------------------
----------
----------
----------
----------
-
Profile = Standard
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Group policy version = Windows Firewall
Remote admin mode = Disable
Ports currently open on all network interfaces:
Port Protocol Version Program
--------------------------
----------
----------
----------
----------
-
135 TCP Any (null)
500 UDP Any (null)
4500 UDP Any (null)
31107 TCP Any (null)
31106 TCP Any (null)
31105 TCP Any (null)
http://www.aijaa.com/v.php?i=3777435.pngIt states that it uses standard profile.
All other hosts state that they use the domain profile:
Firewall status:
--------------------------
----------
----------
----------
----------
-
Profile = Domain
Operational mode = Disable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Group policy version = Windows Firewall
Remote admin mode = Disable
Ports currently open on all network interfaces:
Port Protocol Version Program
--------------------------
----------
----------
----------
----------
-
7801 TCP Any (null)
2967 TCP Any (null)
2702 UDP Any (null)
2702 TCP Any (null)
2701 UDP Any (null)
2701 TCP Any (null)
http://www.aijaa.com/v.php?i=3777462.pngMy goal is that all hosts get the Domain profile in the firewall settings when they are inside the domain network. The computers are in right OU. How should I proceed?