[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Where in Group Policy are the Firewall settings for work stations?

Posted on 2015-01-21
7
Medium Priority
?
844 Views
Last Modified: 2015-01-27
We have a Windows 2008 R2 Server. All workstations are Windows 7 Pro.

The Windows Firewall for all the workstations is showing off.  If we try to turn it on, we get the message:

Windows Firewall can't change some of your settings because they are controlled by Group Policy. Contact your system administrator if you need to change the settings.

So I am looking at the Group Policy settings and trying to find where I can turn the firewall on ONLY for the workstations.

Can someone advise exactly where that setting is.
We want the workstations to have the MS Firewall turned on... but when we try
0
Comment
Question by:Tomster2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 22

Assisted Solution

by:Joseph Moody
Joseph Moody earned 300 total points
ID: 40562852
These settings are in a few places. The easiest way for you to see where is to run a GPResult from the client. You can run GPResult /h report.htm to generate a report.

Here is a guide if you need it: http://deployhappiness.com/gpresult-or-rsop/
0
 
LVL 34

Accepted Solution

by:
it_saige earned 1400 total points
ID: 40562866
In Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Windows Firewall with Advanced Security.Capture.JPGIn the future, you can run the Resultant Set of Policy in 'Logging mode' in order to find where your policies are defined.

To run the Resultant Set of Policy (RSoP).
1.  Open MMC.
2.  Choos File -> Add/Remove Snap-in.
3.  Find and add the Resultant Set of Policy snap-in the the 'Selected snap-ins' list.  Press OK.
4.  Right-click on the Resultant Set of Policy and Choose 'Generate RSoP'.
5.  Follow the steps in the wizard to choose the options.

-saige-
0
 
LVL 3

Assisted Solution

by:Bahloul
Bahloul earned 300 total points
ID: 40563108
Hi,

view the below link it will provide you all configurations:-

https://technet.microsoft.com/en-us/library/bb490626.aspx

Bahloul.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Tomster2
ID: 40570674
Sorry for the delay... will be working on this Tuesday (tomorrow).  Thanks for the replies will respond back when I try the info out.
0
 

Author Comment

by:Tomster2
ID: 40573557
I went to the screen saige suggested... I then configured the domain network to be on, using default settings for both inbound and outbound.

That turned the workstation firewalls on... and also the server... stopping all communication to the server We use a server install of Quickbooks - and all of the workstations loss access.

I went back to the server, same location, and changed the inbound, outbound and server settings to "not configured" ... but that left the firewalls for the server and the workstations on... and they remained on after a reboot.  Going to Turn Windows firewall on or off (server or workstations) gives the message: "For your security, some settings are managed by your system administrator." Fine... but I just put them back to unconfigured. Why are they still on...

As a stop gap, I tried turning the Windows Firewall Service on the Server off... but the workstations still cannot access the server. Everything is at a standstill.

Help!
0
 
LVL 34

Assisted Solution

by:it_saige
it_saige earned 1400 total points
ID: 40573575
After you changed the settings to Not Configured, did you run a gpupdate /force in order to immediately put those settings into affect?

Also, to immediately restore connectivity, you can change the settings (on the server) in the registry.  Navigate to -
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\

Open in new window

You will see multiple keys:
DomainProfile
FirewallRules
PublicProfile
RestrictedService
StandardProfile

Of these DomainProfile, PublicProfile and StandardProfile affect the enabling and disabling of the firewall.
To disable the firewall, select the key; i.e. DomainProfile and change the value of EnableFirewall to 0.

-saige-
0
 

Author Comment

by:Tomster2
ID: 40573958
Thank saige. While I was panicing I ran across a thread on the gpupdate /force.  I had forgotten about the delay time as I had not worked with gp for quite a while.

So now there was finally a correlation between what I was doing on the server.... with the results on the workstation.  I then got connectivity restored.

Will be working a bit more with this.

Thanks to everyone for the posts. Will be splitting the points.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The way I use Experts Exchange to assist me in analyzing and diagnosing a problem is I first enter a Verbose Question at Experts Exchange like: Office 2007 will hang when opening and saving files I then launch WordPad (any text editor will do) an…
Determining the an SCCM package name from the Package ID
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question