RE: Group Policy Question on firewalls
From: Chris Hunhoff (chunhoff_at_eastriver.coop)
Date: 09/22/05
- Previous message: Russell Morrison: "Group Policy Question on firewalls"
- Maybe in reply to: Russell Morrison: "Group Policy Question on firewalls"
- Next in thread: Delgado, Jacob M.: "RE: Group Policy Question on firewalls"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 21 Sep 2005 17:02:57 -0500 To: "Russell Morrison" <rmorrison@axys.net>, "Focus-MS" <focus-ms@securityfocus.com>
Russell,
The simple answer is to make a group policy object and apply it the AD
container (organizational unit) which holds all of your computer
accounts. Just make sure that the servers or any other machines that you
do not want to be firewalled are in a different container and the policy
won't apply.
This link can probably explain it much better than I can:
http://msdn.microsoft.com/library/en-us/policy/policy/group_policy_archi
tecture.asp
Good Luck
-----Original Message-----
From: Russell Morrison [mailto:rmorrison@axys.net]
Sent: Wednesday, September 21, 2005 1:04 PM
To: 'Focus-MS'
Subject: Group Policy Question on firewalls
To all;
I would like to turn on the Windows Firewall application on all network
connected desktops and have seen where this can be done within the
Domain
Group Policy. However, I don't want to also turn on the firewalls on my
Windows 2003 servers as this will likely block normal network traffic.
Is
there a setting, either within the Domain Group Policy that allows me to
differentiate between servers and desktops for firewalls, or is there a
setting within the server local security policy or server registry that
would allow me to disable that service on the server? I am running 2003
AD,
2003 servers with latest patches, and a mixtures of XP and 2000 desktops
also running latest patches.
Thanks for any help.
R
***********************************************************************
Confidentiality Notice: This e-mail message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message plus any attachments.
***********************************************************************
------------------------------------------------------------------------
--- ------------------------------------------------------------------------ --- --------------------------------------------------------------------------- ---------------------------------------------------------------------------
- Previous message: Russell Morrison: "Group Policy Question on firewalls"
- Maybe in reply to: Russell Morrison: "Group Policy Question on firewalls"
- Next in thread: Delgado, Jacob M.: "RE: Group Policy Question on firewalls"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
