asked on Trying to enable Domain firewall
I just migrated my client from Server 2003 Enterprise to SBS 2011. I have found that every single workstation has the firewall disabled. The Domain firewall option is greyed out on the workstation saying that this setting is managed by your system administrator.
I went to the server and Opened Group Policy.
I navigated to "Domains - Company.local - MyBusiness - Computers - SBSComputers - Windows SBS Client Computers Windows 7" and edited the GPO There.
The exact GPO I enabled is "Computer Configuration - Policies - Administrative Templates - Network - Network Connections - Domain Profile - Windows Firewall: Protect all Network Connections"
I ensured that the link was both enabled and enforced but the workstation firewalls remain off.
How do I enable the Domain firewall?
I went to the server and Opened Group Policy.
I navigated to "Domains - Company.local - MyBusiness - Computers - SBSComputers - Windows SBS Client Computers Windows 7" and edited the GPO There.
The exact GPO I enabled is "Computer Configuration - Policies - Administrative Templates - Network - Network Connections - Domain Profile - Windows Firewall: Protect all Network Connections"
I ensured that the link was both enabled and enforced but the workstation firewalls remain off.
How do I enable the Domain firewall?
SBSWindows Server 2008Active Directory
Last Comment
LostInWindows
Run a group policy result against one for the workstations from group policy management on the sbs server. Review the settings after the report is made. The settings may be coming from another GP.
ASKER
I ran the GP Result from 1 workstation and it says:
Firewall State Off Default Domain Policy
How do I enable it?
Firewall State Off Default Domain Policy
How do I enable it?
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
That GPO was listed as Disabled. I enabled it. I will wait an hour and see if that changes my result.
Thanks!
Thanks!
The only question that you might want to ask yourself is, why was it disabled? Someone disabled that GPO for a reason.
I just don't want another issue to come up and bite you....
I just don't want another issue to come up and bite you....
ASKER
I need to look at the GPO on the old server.
I have looked after this company for more than 6 months and there is no reason for it to be disabled.
I have looked after this company for more than 6 months and there is no reason for it to be disabled.
ASKER
Thank you,