• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 306
  • Last Modified:

Group Policy Management for Firewall

I used the GPO in my domain controller  to set my server firewall - domain outbound block except allow all Core Networking of File and Printer Sharing rules.

After I set this up,  I use gpupdate /force on my server to update my firewall on the server.  That works well.

Subsequent gpupdate /force on my server no longer work.

It seems I might have stopped some outbound rules that is necessary for GPO update to work.

Is there any way I can change my server to accept GPO update, since my firewall on server is under GPO now.

0
tommym121
Asked:
tommym121
  • 2
1 Solution
 
Krzysztof PytkoActive Directory EngineerCommented:
Hi,

modify your GPO with firewall settings to allow also these ports

TCP,UDP 389, 445, 3269

on affected server, disable all firewall's profile temporairly and run

gpupdate /force or reboot it

after that re-enable firewall's profiles and check if it works again

Regards,
Krzysztof
0
 
tommym121Author Commented:
THanks
0
 
Krzysztof PytkoActive Directory EngineerCommented:
You're welcome :)

Krzysztof
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now