Re: Windows firewall spontaneously changes profiles

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 06/28/05 

Date: Mon, 27 Jun 2005 20:09:16 -0500

My guess is that this happens when a domain controller is not detected by
the computer and the user may be logging on with cached credentials - at
least initially. Check and see if the Event ID 860 is being recorded at or
close to the time of computer startup. You can also use the support tool
gpresult on a computer to see the last time that a computer had Group Policy
applied. It should show that Group Policy was applied at the time of
startup. The support tool netdiag can be used to check for network
connectivity, dns name resolution, dc discovery, and trust/secure channel. I
would run netdiag on your domain controllers and domain computers. Dns
problems can often cause inconsistent application of Group Policy. ---
Steve

http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B291382 ---
Active Directory dns FAQ.

"David Carlin" <dcarlin3@yahoo.com> wrote in message
news:ucBYhn0eFHA.2740@TK2MSFTNGP10.phx.gbl...
> I'm having a problem where both XP SP2 and Server 2003 SP1 machines
> spontaneously change firewall profiles every couple weeks. The event log
> entry is this:
>
> Event Type: Success Audit
> Event Source: Security
> Event Category: Policy Change
> Event ID: 860
> User: NT AUTHORITY\SYSTEM
> Computer: COMPUTERNAME
> Description:
> The Windows Firewall has switched the active policy profile.
> Active profile: Standard
>
> The issue being, the standard profile is stock. None of my exceptions are
> listed and file sharing, network backups, antivirus updates, etc.. are
> disrupted.
>
> Why is windows switching profiles? What criteria does it use to suddenly
> decide not to use the domain profile? I'd hate to think a momentary
> network blip could cause something unpredictable like this.
>
> Ideally, is there a way I can can have the domain profile always in use?
> Do I have to maintain both a Standard and Domain profile with identical
> settings?
>
> Thank You,
>
> -David Carlin

Relevant Pages

  • Re: Windows Firewall and 2003 SP1 Domain Controllers
    ... the "standard" profile instead of the "domain profile in Group policy. ... Firewall Group Policy is being applied to the domain controller and from ...
    (microsoft.public.windows.server.security)
  • Re: Would like to lockdown public computer
    ... If you use the guest account be ... Learn to use Group Policy. ... > protect the cmos settings as it is easy to reboot a computer from a floppy ... > the mandatory profile on the local computer and then have the users ...
    (microsoft.public.win2000.security)
  • Re: How do you all manage employee workstations? Looking for sugge
    ... When enabled roaming profiles, users have same profiles ... been authenticated within the directory service, the user profile, ... You can use group policy to assign software to all workstations. ... How to use Group Policy to remotely install software in Windows Server 2003 ...
    (microsoft.public.windows.server.sbs)
  • Re: Roaming Profiles
    ... I understand you want to know what roaming profile ... the profile folder on the central sharing which means when you ... There are two ways to manage your group policy. ... Second way is Click Start -> Server Management, ...
    (microsoft.public.windows.server.sbs)
  • Re: folder redirection for 1 out of 70 users is not working... why
    ... this user out and renamed his profile folder locally and on the profiles ... Group Policy Infrastructure failed due to the error listed below. ... I dont understand the bad username/password, the user logs in fine. ... Everything works great except this folder redirection. ...
    (microsoft.public.windows.server.general)