Solved

Group Policy SBS domain firewall add an allow

Posted on 2014-01-09
4
641 Views
Last Modified: 2014-01-13
Managing SBS 2011 domain.  I am installing shadow Protect on each of the machines and getting an error.  Shadow Protect sent me a link to this page, but I don't know how to do that with the (default?) group policy that keeps you from changing the firewall on domain member desktops.

http://www.storagecraft.com/support/kb/article/95

can  you help me?
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 14

Accepted Solution

by:
BlueCompute earned 500 total points
ID: 39771492
This is actually pretty easy on SBS2011.
Open up the Group Policy Management administrative tool. There you'll see a list of policies. Firewall configuration is a machine-level setting, so I'd be inclined to set it in the "Windows SBS Client - Windows 7 and Windows Vista" policy, which is linked under MyBusiness --> Computers --> SBSComputers. Find the policy there, right-click on it and select "Edit".
In the group policy editor, drill down to Computer configuration --> Windows Settings --> Security Settings --> Windows Firewall with Advanced Security --> Windows Firewall wiht Advanced Security --> Inbound Rules. Right-click in the empty space on the right and select "new rule". Select "Predefined" then select "Windows Management Instrumentation" in the dropdown.  Next through to the end of the wizard and the rule should be added to the policy.
To test, either reboot a client computer twice, or run "GPUPDATE /FORCE" on a client computer.
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39775485
Thanks.  when I chose wmi from the predefined, I got 3 different ones and checked all 3- dcom-in, asynch-in and wmi-in, I did your steps with the gpupdate /force and it said it was successful. and tried to connect.  I got 'the RPC server is not available' again.

Looking at the steps in that link, I did them manually with wf.msc .... I added the program (your steps above don't touch on that).  Once I did that, form the machine itself, I can connect to that computer. I added the program in the Group policy like I did manually on some machines. I think I got it working, although SP is still throwing errors about connectivitiy, but I'll deal with them.

thanks!
0
 
LVL 14

Expert Comment

by:BlueCompute
ID: 39776233
Hi,

Yep, just re-read the instructions from ShadowProtect and you're quite right; I missed a step - you neeed the WMI rules and the extra one for the ShadowProtect service. Just to clarify you did manage to get it working from Group Policy rather than doing it manually on each PC once you'd found out which rules needed adding?

Cheers,

BC
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39776248
yea, I think so.  thanks again.
0

Featured Post

MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SBS 2011 Backup Drive 8 90
Question about cloning SBS 2008 system drive using AOMEI BackUpper 3 48
Password recovery software 4 38
Bandwidth Hugers how to find them 9 45
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

740 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question