Solved

Windows Server 2008 - retain firewall settings after sysprep

Posted on 2011-03-01
1
2,477 Views
Last Modified: 2012-05-11
Greetings experts -

I'm deploying Windows Server 2008 x86 and x64 (not R2) in our virtual environment via sysprepped template.  On the master VM I enabled firewall exceptions for "Remote Desktop Connection" and "File and Printer Sharing" so folks can immediately ping and then RDP to the deployed VM without having to log into the console first.

Unfortunately sysprep seems to reset the firewall to defaults, disabling both of these exceptions in the deployed VM.

Is there some way to tell sysprep to not do this?  By local group policy, the registry, etc.?

Thanks in advance, as always.
0
Comment
Question by:annexit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 

Accepted Solution

by:
annexit earned 0 total points
ID: 35020848
After doing some research and testing I figured this one out on my own.  I'll post it here for others.

Moderator - this can be closed out.

************************************************************************************************
Windows Server 2008 (not R2) Firewall Settings via GPEDIT.MSC

These settings are retained after sysprepping the machine.

Click Run, type "gpedit.msc"

Navigate to Computer Configuration > Windows Settings > Security Settings > Windows Firewall with Advanced Security

Go to Windows Firewall with Advanced Security - Local Group Policy Object > Inbound Rules

To enable RDP, which keeps after sysprepping:
      Right-click on "Inbound Rules" and select "New Rule"
      Select "Predefined", then "Remote Desktop" from the drop-down
      Keep pressing Next, "Allow the Connection", press Finish

To enable File and Printer Sharing, which keeps after sysprepping:
      Right-click on "Inbound Rules" and select "New Rule"
      Select "Predefined", then "File and Printer Sharing" from the drop-down
      Keep pressing Next, "Allow the Connection", press Finish

Exit gpedit

Reboot
0

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question