[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 306
  • Last Modified:

turn off firewall?

my desktop is running xp.

How to I disable the firewall.

it is greyed out on my xp PC.

I have a separate box running sbs server 2003 and have full admin right to this if I need to change anything.

0
Cheryl Lander
Asked:
Cheryl Lander
  • 4
  • 3
  • 2
  • +3
1 Solution
 
powercramCommented:
You can do it in the domain group policy.
0
 
CaptN-MacCommented:
Is the XP machine joined to a domain? It sounds to me like either a domain GPO or the local security policy on your computer is restricting access to change the firewall settings. If this is the case, administrative access to your system may be a mute point ... unless you want to go registry hacking.
0
 
CaptN-MacCommented:
I read your post wrong. If you have admin access to the SBS server .. which tells me you probably have a domain setup .. run GPEDIT, (i you may need download the tool from Microsoft). Review the details of the default domain policy and any enabled, and enforced Group Policies. My guess is that you will find that one of them is turning the firewall on and disabling access to turn it off
.... thats what i did at my company for security reasons.
0
Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

 
KCTSCommented:
If its a group policy applied on the server then you DONT want to be running GPEDIT (thats for local policies and group plocies will take precidence).

You need to find the setting in the group policy settings on the server and chnage them

see http://support.microsoft.com/kb/872769
0
 
Cheryl LanderAuthor Commented:
yep im connected to a domain.

I cant seem to find the gpedit installer. The only one I can locate is for sp1.

So how do I do this in the domain group policy.
0
 
CaptN-MacCommented:
Thx KCTs, i put the wrong command in there. Download the group policy editor from microsoft download center if its not already on your server :D
0
 
imxcoCommented:
If this isn't controlled thru GP, add or change this registry key:
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\EnableFirewall
to "0" (zero) DWORD
to turn firewall off.
0
 
KCTSCommented:
>> So how do I do this in the domain group policy. <<

see see http://support.microsoft.com/kb/872769 which I referred to earlier !!
0
 
CaptN-MacCommented:
C:\WINDOWS\system32\gpmc.msc
This is the group policy editor. I just forget if its there by default or not, i know you can get it from MS downloads if not.
0
 
KCTSCommented:
PLEASE PLEASE PLEASE
read http://support.microsoft.com/kb/872769 which I referred to earlier !!
Don't go chnaging the registry - the GPO will re-write it anyway "
0
 
Rob WilliamsCommented:
SBS has specific policies enabled by default which control the XP client's firewall. Open the group policy management console on the SBS and you will see:
  -Small Business Server Internet Conection Firewall
  -Small Business Server Windows Firewall

The first is set to prohibit the use of the older basic NAT firewall. You can leave this as is.
The second is configured for 2 scenarios.
  -Domain Profile (policies applied when connected to the domain)
  -Standard profile (policies applied when not connected to the domain, such as mobile computers/laptops)

By default with the SBS configuration, users are allowed to create exceptions, but not even admins can disable the firewall. In order to allow them to disable the firewall you need to disable the "Small Business Server Windows Firewall" GPO. The reason for this being you are giving them total control, so there is no need to enforce a policy. I highly discourage this, especially for mobile computers. They will switch it off, and never back on. It is better to teach them to create exceptions as needed, or better still you can add exceptions through group policy.

If you do need to disable the policy right click on it, choose GPO status, and then un-check Enabled. Do not delete it as you may want to re-enable at some point. The other option is to create a small OU of users or computers to which you want to a apply/link or not apply the policy.

Remember changing the policy takes about 90 minutes to apply to the clients, or on the client you can force an update using:
gpupdate  /force

The Firewall policies only exist if at least the following 2 updates have been applied to the SBS:
Windows Server 2003 SP1
Windows Small Business Server 2003 Update KB891193 for Windows XP Service Pack 2
0
 
Cheryl LanderAuthor Commented:
Ok.

Rob will was much more specific and better to understand.

I logged onto the server.

Group Policy management > Small business server windows Firewall > details.

Then I disabled all settings.

then on the client i did gpupdate  /force

0
 
Rob WilliamsCommented:
Thanks SWHosting.
Cheers !
--Rob
0

Featured Post

[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

  • 4
  • 3
  • 2
  • +3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now