Solved

Group Policy SBS domain firewall add an allow

Posted on 2014-01-09
4
633 Views
Last Modified: 2014-01-13
Managing SBS 2011 domain.  I am installing shadow Protect on each of the machines and getting an error.  Shadow Protect sent me a link to this page, but I don't know how to do that with the (default?) group policy that keeps you from changing the firewall on domain member desktops.

http://www.storagecraft.com/support/kb/article/95

can  you help me?
0
Comment
  • 2
  • 2
4 Comments
 
LVL 14

Accepted Solution

by:
BlueCompute earned 500 total points
ID: 39771492
This is actually pretty easy on SBS2011.
Open up the Group Policy Management administrative tool. There you'll see a list of policies. Firewall configuration is a machine-level setting, so I'd be inclined to set it in the "Windows SBS Client - Windows 7 and Windows Vista" policy, which is linked under MyBusiness --> Computers --> SBSComputers. Find the policy there, right-click on it and select "Edit".
In the group policy editor, drill down to Computer configuration --> Windows Settings --> Security Settings --> Windows Firewall with Advanced Security --> Windows Firewall wiht Advanced Security --> Inbound Rules. Right-click in the empty space on the right and select "new rule". Select "Predefined" then select "Windows Management Instrumentation" in the dropdown.  Next through to the end of the wizard and the rule should be added to the policy.
To test, either reboot a client computer twice, or run "GPUPDATE /FORCE" on a client computer.
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39775485
Thanks.  when I chose wmi from the predefined, I got 3 different ones and checked all 3- dcom-in, asynch-in and wmi-in, I did your steps with the gpupdate /force and it said it was successful. and tried to connect.  I got 'the RPC server is not available' again.

Looking at the steps in that link, I did them manually with wf.msc .... I added the program (your steps above don't touch on that).  Once I did that, form the machine itself, I can connect to that computer. I added the program in the Group policy like I did manually on some machines. I think I got it working, although SP is still throwing errors about connectivitiy, but I'll deal with them.

thanks!
0
 
LVL 14

Expert Comment

by:BlueCompute
ID: 39776233
Hi,

Yep, just re-read the instructions from ShadowProtect and you're quite right; I missed a step - you neeed the WMI rules and the extra one for the ShadowProtect service. Just to clarify you did manage to get it working from Group Policy rather than doing it manually on each PC once you'd found out which rules needed adding?

Cheers,

BC
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39776248
yea, I think so.  thanks again.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now