Solved

Group Policy SBS domain firewall add an allow

Posted on 2014-01-09
4
631 Views
Last Modified: 2014-01-13
Managing SBS 2011 domain.  I am installing shadow Protect on each of the machines and getting an error.  Shadow Protect sent me a link to this page, but I don't know how to do that with the (default?) group policy that keeps you from changing the firewall on domain member desktops.

http://www.storagecraft.com/support/kb/article/95

can  you help me?
0
Comment
  • 2
  • 2
4 Comments
 
LVL 14

Accepted Solution

by:
BlueCompute earned 500 total points
ID: 39771492
This is actually pretty easy on SBS2011.
Open up the Group Policy Management administrative tool. There you'll see a list of policies. Firewall configuration is a machine-level setting, so I'd be inclined to set it in the "Windows SBS Client - Windows 7 and Windows Vista" policy, which is linked under MyBusiness --> Computers --> SBSComputers. Find the policy there, right-click on it and select "Edit".
In the group policy editor, drill down to Computer configuration --> Windows Settings --> Security Settings --> Windows Firewall with Advanced Security --> Windows Firewall wiht Advanced Security --> Inbound Rules. Right-click in the empty space on the right and select "new rule". Select "Predefined" then select "Windows Management Instrumentation" in the dropdown.  Next through to the end of the wizard and the rule should be added to the policy.
To test, either reboot a client computer twice, or run "GPUPDATE /FORCE" on a client computer.
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39775485
Thanks.  when I chose wmi from the predefined, I got 3 different ones and checked all 3- dcom-in, asynch-in and wmi-in, I did your steps with the gpupdate /force and it said it was successful. and tried to connect.  I got 'the RPC server is not available' again.

Looking at the steps in that link, I did them manually with wf.msc .... I added the program (your steps above don't touch on that).  Once I did that, form the machine itself, I can connect to that computer. I added the program in the Group policy like I did manually on some machines. I think I got it working, although SP is still throwing errors about connectivitiy, but I'll deal with them.

thanks!
0
 
LVL 14

Expert Comment

by:BlueCompute
ID: 39776233
Hi,

Yep, just re-read the instructions from ShadowProtect and you're quite right; I missed a step - you neeed the WMI rules and the extra one for the ShadowProtect service. Just to clarify you did manage to get it working from Group Policy rather than doing it manually on each PC once you'd found out which rules needed adding?

Cheers,

BC
0
 

Author Comment

by:BeGentleWithMe-INeedHelp
ID: 39776248
yea, I think so.  thanks again.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Managing 24/7 IT Operations is a hands-on job and indeed a difficult one. Over the years I have found some simple tips and techniques to increase the efficiency of the overall operations. The core concept has always been on continuous improvement; a…
Resolve DNS query failed errors for Exchange
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now