Solved

Group Policy SBS domain firewall add an allow

Posted on 2014-01-09
4
647 Views
Last Modified: 2014-01-13
Managing SBS 2011 domain.  I am installing shadow Protect on each of the machines and getting an error.  Shadow Protect sent me a link to this page, but I don't know how to do that with the (default?) group policy that keeps you from changing the firewall on domain member desktops.

http://www.storagecraft.com/support/kb/article/95

can  you help me?
0
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 14

Accepted Solution

by:
BlueCompute earned 500 total points
ID: 39771492
This is actually pretty easy on SBS2011.
Open up the Group Policy Management administrative tool. There you'll see a list of policies. Firewall configuration is a machine-level setting, so I'd be inclined to set it in the "Windows SBS Client - Windows 7 and Windows Vista" policy, which is linked under MyBusiness --> Computers --> SBSComputers. Find the policy there, right-click on it and select "Edit".
In the group policy editor, drill down to Computer configuration --> Windows Settings --> Security Settings --> Windows Firewall with Advanced Security --> Windows Firewall wiht Advanced Security --> Inbound Rules. Right-click in the empty space on the right and select "new rule". Select "Predefined" then select "Windows Management Instrumentation" in the dropdown.  Next through to the end of the wizard and the rule should be added to the policy.
To test, either reboot a client computer twice, or run "GPUPDATE /FORCE" on a client computer.
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39775485
Thanks.  when I chose wmi from the predefined, I got 3 different ones and checked all 3- dcom-in, asynch-in and wmi-in, I did your steps with the gpupdate /force and it said it was successful. and tried to connect.  I got 'the RPC server is not available' again.

Looking at the steps in that link, I did them manually with wf.msc .... I added the program (your steps above don't touch on that).  Once I did that, form the machine itself, I can connect to that computer. I added the program in the Group policy like I did manually on some machines. I think I got it working, although SP is still throwing errors about connectivitiy, but I'll deal with them.

thanks!
0
 
LVL 14

Expert Comment

by:BlueCompute
ID: 39776233
Hi,

Yep, just re-read the instructions from ShadowProtect and you're quite right; I missed a step - you neeed the WMI rules and the extra one for the ShadowProtect service. Just to clarify you did manage to get it working from Group Policy rather than doing it manually on each PC once you'd found out which rules needed adding?

Cheers,

BC
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39776248
yea, I think so.  thanks again.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We recently endured a series of broadcast storms that caused our ISP to shut us down for brief periods of time. After going through a multitude of tests, we determined that the issue was related to Intel NIC drivers on some new HP desktop computers …
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Suggested Courses

631 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question