Timbertool12
asked on
Group Policy setting for Windows Firewall
Guy's this is sooooo!!! urgent.
Have a Windows Server 2003 controlling 5 XP workstations.
the server (by default) has turned on all the firewalls and now I cannot remote install/ assist etc.
Please can someone guide me to the Group policy thats doing this .
Have a Windows Server 2003 controlling 5 XP workstations.
the server (by default) has turned on all the firewalls and now I cannot remote install/ assist etc.
Please can someone guide me to the Group policy thats doing this .
to create a group policy, you will need to have your users, in an OU in the active directory, then you access group policys via properties of the ou, under group policys, just click new policy, give it a meanful name, make you changes to the policy,
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/mangxpsp2/mngintro.mspx
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/mangxpsp2/mngintro.mspx
You can also download the Group Policy management tool from MS where you have a better view of your policies.
http://www.microsoft.com/windowsserver2003/gpmc/default.mspx
http://www.microsoft.com/windowsserver2003/gpmc/default.mspx
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Side question... is it necessary/advisable to have XP's firewall running on a desktop machine in a domain like this?
- in a domain enviroment - that is secured by it own network Firewall(s) and or network segragation - then no turn it off
on your aunty Mables home PC'turn it on :)
on your aunty Mables home PC'turn it on :)
no, you should have an external firewall so the desktops dont need one.
mleman---the policy that controls the firewall is a COMPUTER policy,, meaning it is 100% irrelevant which OU the users are, it is however 100% relevant which OU the computers are in.
pdxsrw,, i always have the firewall turned off so i can do various administrative tasks to the computers in a domain (i'm sure many would diagree with that). you should however have a good hardware firewall between your lan and the internet to protect your computers from the internet. no need to protect your lan from itself is there?? MS turned on the firewall if you do a default install of SP2 (no switches) b/c it is advisable to do so on a network without a good hardware firewall, but of course this screws up network admins' ability to manage the PCs.
pdxsrw,, i always have the firewall turned off so i can do various administrative tasks to the computers in a domain (i'm sure many would diagree with that). you should however have a good hardware firewall between your lan and the internet to protect your computers from the internet. no need to protect your lan from itself is there?? MS turned on the firewall if you do a default install of SP2 (no switches) b/c it is advisable to do so on a network without a good hardware firewall, but of course this screws up network admins' ability to manage the PCs.
ASKER
Your the puppy's parts old chap.
Just what I needed.
Still slaving away on this one 22:07 GMT.
Still, with your knowledge Pete, I should have it cracked soon.
Regards,
Timbertool12
Just what I needed.
Still slaving away on this one 22:07 GMT.
Still, with your knowledge Pete, I should have it cracked soon.
Regards,
Timbertool12
LOL its Ten o clock up here in Middlesbrough m8 - get knocked off and get yer ead down :)
ThanQ
ThanQ
you will need the service pack 2 adm files.
when you have done this you will be able to set a group policy enabling, disabling, populating exception losts etc.