Re: Netsh and IPSec Policies

From: Nick (someone_at_nospam.net)
Date: 10/26/04 

Date: Tue, 26 Oct 2004 19:13:00 +0100

David,

Thanks for responding, I will trying this out and let you know - what you
said makes perfect sense re: the shell, so I'm hopeful for this.

Thanks again.

Nick

"David Beder [MSFT]" <dbeder@online.microsoft.com> wrote in message
news:%23kiIeTAuEHA.1008@tk2msftngp13.phx.gbl...
> once your script returns from the first command, all context is lost, so
> for the second command the shell is going to assume you're trying to edit
> the local computer. What you need to do is create a file with ipsec
> commands, then call it from a single netsh command. Unfortunately I don't
> have a server at home so can't give you the specific syntax but the
> general idea would be:
>
> mypolicy.txt:
> ipsec
> static
> set store location=domain domain='FQDN of Domain'
> set policy name="Test Policy" activatedefaultrule=no gponame="Default
> Domain Policy" assign=yes
>
> mypolicy.cmd
> netsh -f mypolicy.txt
>
>
> --
> David
> Microsoft Windows Networking
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
>
> "Nick" <someone@nospam.net> wrote in message
> news:%23mPvQC4tEHA.1272@TK2MSFTNGP12.phx.gbl...
>>I hope someone can help me with this, I am trying to use 'netsh' on
>>Windows 2003 to script the creation of IPSec Policies and IPSec Filters. I
>>have got this to work well for the Local Computer, but when I try and get
>>it to create the Policy as part of the Domain Security Policy it does not
>>work.... I have used the command:
>>
>> netsh ipsec static set store location=domain domain='FQDN of Domain'
>>
>> This command is accepted OK, but then when the follow command runs it
>> fails:
>>
>> netsh ipsec static set policy name="Test Policy" activatedefaultrule=no
>> gponame="Default Domain Policy" assign=yes
>>
>> It says that 'gponame' is not valid is this context. The thing is, it
>> works if I enter it all manually from the netsh interface, but not from a
>> Command file. I have checked TechNet and it says it should work OK in
>> both instances.
>>
>> Any help appreciated.
>>
>> Thanks in advance.
>>
>> Nick
>>
>>
>
>

Relevant Pages

  • Re: Getmac reports ERROR Provider type not defined.
    ... I had an image where my netsh setup worked perfectly at the end of FBA. ... had Winlogon and Explorer Shell. ... > Network Command Shell Interface Context ...
    (microsoft.public.windowsxp.embedded)
  • Netsh and IPSec Policies
    ... I hope someone can help me with this, I am trying to use 'netsh' on Windows ... 2003 to script the creation of IPSec Policies and IPSec Filters. ... create the Policy as part of the Domain Security Policy it does not work.... ... This command is accepted OK, but then when the follow command runs it fails: ...
    (microsoft.public.windows.server.security)
  • Re: Netsh and IPSec Policies
    ... the second command the shell is going to assume you're trying to edit the ... What you need to do is create a file with ipsec commands, ... then call it from a single netsh command. ... I have got>this to work well for the Local Computer, but when I try and get it to>create the Policy as part of the Domain Security Policy it does not>work.... ...
    (microsoft.public.windows.server.security)
  • Why newbies dont RTFM...
    ... Even though I've used Linux before, I've never had to do any ... BASH BUILTIN COMMANDS ... last command exited within ... unless the shell is not exeâ ...
    (comp.os.linux.misc)
  • Re: Great SWT Program
    ... None of the nasty things that you have said or implied about me are at ... treat the file as input (manually invoking the command interpreter ... script, copy the line into that within the editor, exit, and invoke ... the shell script. ...
    (comp.lang.java.programmer)