Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!
Disable firewall on domain computers with Policy - problem
I want to disable firewall on all computers attached to the domain as in the picture below.
The dc runs on Win 2012 Server (std, not r2)
Problem:
When editing GPO "Default Domain Policy", the values can't be changed in gpmc. E.g. they don't "stick".
Then I created a new gpo, MYGPO, linked it to the domain, and edited the settings. This time the settings "stuck".
But the firewall settings does not end up on domain computers, even after restart.
I could see in a log file that MYGPO was applied to the domain computer (correct linking I assume).
What went wrong and what to do about it?
The dc runs on Win 2012 Server (std, not r2)
Problem:
When editing GPO "Default Domain Policy", the values can't be changed in gpmc. E.g. they don't "stick".
Then I created a new gpo, MYGPO, linked it to the domain, and edited the settings. This time the settings "stuck".
But the firewall settings does not end up on domain computers, even after restart.
I could see in a log file that MYGPO was applied to the domain computer (correct linking I assume).
What went wrong and what to do about it?
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Based on what you have provided in your screenshot the issue is that you have "Not Configured" anything for windows firewall. Leaving the policy as NOT CONFIGURED means it is not going to do anything on the users machines. You need to set this to Off for Firewall State. Then try again.
If it still does not work then you might have a policy processing issue, i.e. security filtering.
I have just tested this in my lab and it works without and issue. Just run gpupdate /force and it will automatically change the value. You should not have to reboot it.
Will.
If it still does not work then you might have a policy processing issue, i.e. security filtering.
I have just tested this in my lab and it works without and issue. Just run gpupdate /force and it will automatically change the value. You should not have to reboot it.
Will.
Found this in the System log on DC..
"The processing of Group Policy failed because of an internal system error. Please see the Group Policy operational log for the specific error message. An attempt will be made to process Group Policy again at the next refresh cycle."
Where is the Group Policy operational log?
"The processing of Group Policy failed because of an internal system error. Please see the Group Policy operational log for the specific error message. An attempt will be made to process Group Policy again at the next refresh cycle."
Where is the Group Policy operational log?
Premium Content
You need an Expert Office subscription to comment.Start Free Trial