Solved

Group Policy Management for Firewall

Posted on 2011-09-29
3
295 Views
Last Modified: 2012-05-12
I used the GPO in my domain controller  to set my server firewall - domain outbound block except allow all Core Networking of File and Printer Sharing rules.

After I set this up,  I use gpupdate /force on my server to update my firewall on the server.  That works well.

Subsequent gpupdate /force on my server no longer work.

It seems I might have stopped some outbound rules that is necessary for GPO update to work.

Is there any way I can change my server to accept GPO update, since my firewall on server is under GPO now.

0
Comment
Question by:tommym121
  • 2
3 Comments
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 36815312
Hi,

modify your GPO with firewall settings to allow also these ports

TCP,UDP 389, 445, 3269

on affected server, disable all firewall's profile temporairly and run

gpupdate /force or reboot it

after that re-enable firewall's profiles and check if it works again

Regards,
Krzysztof
0
 

Author Closing Comment

by:tommym121
ID: 36815408
THanks
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 36815432
You're welcome :)

Krzysztof
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Both MMF (multi-mode fiber) and SMF (single-mode fiber) are types of optical fiber that can aid in communication applications. These thin strands of silica or glass will allow communication to occur between devices. The transmission of light between…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now