Re: SP1 Firewall Question

From: Stephen Cartwright [MSFT] (scart_at_online.microsoft.com)
Date: 04/14/05 

Date: Thu, 14 Apr 2005 14:12:20 -0700

There is also Firewall and Group Policy newsgroups that would be better to
address your question
microsoft.public.windows.group_policy
microsoft.public.windows.networking.firewall 

-- 
Stephen Cartwright [MSFT]
"This posting is provided "AS IS" with no warranties, and confers no 
 rights."
"jerry cantrell" <undisclosed@earth.net> wrote in message 
news:O0pSaRIQFHA.2132@TK2MSFTNGP14.phx.gbl...
> I've configured a policy on a new GPO that is linked to a Domain 
> Controllers
> OU. I can see using the GPMC modelling that the correct "Domain Profile"
> firewall settings are being" applied to the domain controllers. This
> includes remote desktop enablement.
>
> However when the policy is refreshed on the DC's, I soon lose 
> connectivity,
> and they're all exhibiting strange behaviours.
>
> Noting one of the previous SP1 Firewall problem posts, given below, I am
> wondering - aside from using the GPMC results wizard, which I don't know
> whether to trust,  how can I tell whether the Domain Profile or Domain
> Standard is being enforced?
>
> NETSH firewall Show State tells me a little, but not enough.
>
>
> jerry.
>
>
> "Leighton Earl" <leighton.earl@gmail.com> wrote in message
> news:da90d4f3.0504040844.61876686@posting.google.com...
>>I have installed SP1 on one of our Windows 2003 domain controllers.
>> Unfortunately the Windows firewall is applying the non domain policy
>> which blocks everything. I think this is because this registry key has
>> a null value:
>> NKLM\software\microsoft\windows\currentversion\group
>> policy\history\networkname
>>
>> sourced from:
>> http://www.microsoft.com/technet/community/columns/cableguy/cg0504.mspx
>>
>> Other servers have correctly assigned network names, it seems only our
>> domain controllers suffer from this.
>>
>> Why do only the domain controllers have null network names
>
>

Relevant Pages

  • Re: Windows firewall for domain controllers
    ... If you have the policy defined in a higher level policy and in the DC policy only the DC policy will apply, since all the exceptions are in one settings. ... So as far as the share acces failing, I'm not sure about, you'll need to do some troubleshooting with the firewall log file to see what is being blocked, but I would say it had something to do with authentication to the DC not working properly. ... Windows Firewall: Protect all network connections - Enabled ... on our two domain controllers. ...
    (microsoft.public.windows.group_policy)
  • Re: [fw-wiz] httport 3snf
    ... > Having worked in the Firewall support role at several companies, ... I had my CIO approve my security policy. ... time educating him about Internet risk. ... There's also a very good "at what point is the firewall now useless" ...
    (Firewall-Wizards)
  • RE: Sandboxing
    ... the 3Com Embedded Firewall would be extremely useful and enabling (in ... your case) when you look at it in a VPN context. ... This security policy will accomplish quite a few things: ... During the Policy Server installation, ...
    (Focus-IDS)
  • Re: Questions About Windows Firewall and Domain Policy Enforcement
    ... Can you please provide me with more detail with what you mean by connecting ... configure the firewall, namely group policy, net shell scripts, manual ... You can do this through group policy or a login script. ... > as there is no Standard Profile configured. ...
    (microsoft.public.win2000.group_policy)
  • Re: Questions About Windows Firewall and Domain Policy Enforcement
    ... Can you please provide me with more detail with what you mean by connecting ... configure the firewall, namely group policy, net shell scripts, manual ... You can do this through group policy or a login script. ... > as there is no Standard Profile configured. ...
    (microsoft.public.windows.group_policy)