studios
asked on
Need windows firewall disabled/grayed out when on SBS 2003 network but need user to be able to turn windows firewall on/off when off the network to use VPN
Currently I have the GP on the SBS 2003 server disabled for the network profile and not configured for the standard profile. This keeps the firewall off while they are on the network (which I want) but when they are off the network the windows firewall is on and grayed out and says set by group policy). I have some users that need the windows firewall to be on when they are not on the network and some that need to be able to turn it off when they are off the network so they can use their VPN client. How do I configure the GP to allow them the ability to turn it on and off when they are not on the network?
Sorry you said...
"How do I configure the GP to allow them the ability to turn it on and off when they are not on the network?"
When they are not on the network OK...
These users can't disable and enable services if they are just "Users"
See if this helps, it sems to deal with your needs....
http://www.jsifaq.com/subj/tip4600/rh4673.htm
"How do I configure the GP to allow them the ability to turn it on and off when they are not on the network?"
When they are not on the network OK...
These users can't disable and enable services if they are just "Users"
See if this helps, it sems to deal with your needs....
http://www.jsifaq.com/subj/tip4600/rh4673.htm
That article does not mention that you first have to ceate
the snap in to access "Active Directory Users and Computers"
Start > Run >
Type: MMC
Then: File > Add/Remove Snap-In > Add > Active Directory Users and Computers
Then you'd have to follow the guide from the link above.
the snap in to access "Active Directory Users and Computers"
Start > Run >
Type: MMC
Then: File > Add/Remove Snap-In > Add > Active Directory Users and Computers
Then you'd have to follow the guide from the link above.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
is a problem - the Windows Firewall is tied in with "Internet Connection Sharing"
On a network I should think you need the Internet Connection Sharing (ICS) service
always running to even communicate with the other systems. But like you say, you
would be on a Virtual Private Network so I am not too sure if you would need ICS
but more than likely you will. Blame Microsoft, I do! Why they tied the two services
together like that is beyond me its just stupid and a bad design.