Solved

Disable Win 7 Firewall using GPO

Posted on 2013-01-29
4
391 Views
Last Modified: 2013-02-04
Trying to disable Win 7 Firewall through AD and GPO. Normal settings in GPO do not seem to be working.

Disabling Administrative templates, Network, Network connections, Windows firewall, Domain and Standard profiles to "Prohibit all network connections" should do it, correct? What am I missing? AD is on a Win 2003 server....
0
Comment
Question by:ocantrell
  • 3
4 Comments
 
LVL 28

Expert Comment

by:becraig
ID: 38832713
Go to Start > Administrative Tools > Policies
    Select the policy to edit (Usually: the default policy), right-click and choose “edit”.
    Go to Administrative Templates > Network > Network connections > Windows Firewall > Domain Profile.
    Disable the “Protect All Network connections” rule.  Just to be sure, you can do the same for the “Standard Profile”, as well.
0
 

Author Comment

by:ocantrell
ID: 38834834
That's what I had originally tried.......Just tried again and still does not work (??) I must be missing something like another setting overiding?
0
 

Accepted Solution

by:
ocantrell earned 0 total points
ID: 38834907
A local engineer, Joe Blanchard, provided a solution that worked for me. Here are his steps.

  1.  This must be done from a Windows 2008 server, or a Windows 7 PC. Their policies look a little different, but will link just fine to 2000 and up Domain controllers.
  2.  Win 7 is a little more involved since you have to have RSAT installed for GPMC to show up. (I take the easy way and use a 2008 server if available.)
  3.  Be sure GPMC is installed on Server 2008, (Under Server Manager- Add Roles) I can't remember if it is a role or feature, but it will be under one of those.
  4.  Be sure to create a New Policy instead of editing an old one, that way you have more options if things go to pot.
  5.  Add the firewall settings you need under >Computer Config > Windows Settings > Security Settings > Windows Firewall with Advanced Security
  6.  Close the editor
  7.  Review settings of the Policy via the settings tab
  8.  Link the Policy object to the OU that contains the machines you need the Policy applied to.
  9.  Either wait, or run a gpupdate /force on the PC you are testing on.
  10. Troubleshoot with RSOP if available.
0
 

Author Closing Comment

by:ocantrell
ID: 38850414
Solution provided by a local MS engineer
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now