Hi, I have a GP set to enable Windows Firewall for all staff comptuers. Unfortunately, whenever we (IT Dept.) need to disable the firewall to perform AntiVirus installs and such we have to move the computers out of that OU (which has that GP attached) to disable the firewall temporarily. I was wondering if there is a way to allow a domain admin account to disable the windows firewall without moving the computer out of the OU? I would think there would be a way. What I mean, is when a domain admin account is used to log into a staff computer, it would disable the windows firewall regardless of the GP or at least not be grayed out so, we could disable it temorarily ourselves.
Thanks for any assistance provided.