Re: XPsp2 firewall - bug? - disables on certain networks

From: Torgeir Bakken (MVP) (Torgeir.Bakken-spam_at_hydro.com)
Date: 01/20/05


Date: Thu, 20 Jan 2005 16:33:23 +0100

John M wrote:

> I'm curious as to where you learned that SP2 firewall determines
> its connection via the DNS suffix, I could only find that it is
> determined whether it can contact a domain controller or not.

Hi

For the WinXP SP2 FW, contact with the domain controller is not
a part of this determination process (where did you find that
statement?).

Here is how the SP2 firewall determines if it is to activate
the domain or standard profile:

If the last-received Group Policy update DNS name matches any of
the connection-specific DNS suffixes of the currently connected
connections (not PPP or SLIP-based) on the computer, the FW's
domain settings will be used. There is no way to change this
behavior.

From
The Cable Guy - May 2004
Network Determination Behavior for Network-Related Group Policy Settings
http://www.microsoft.com/technet/community/columns/cableguy/cg0504.mspx

<quote>
To apply this behavior to Windows Firewall settings:

* If the connection-specific DNS suffix of a currently connected
connection on the computer that is not PPP or SLIP-based (such as
an Ethernet or 802.11 wireless network adapter) matches the value
of the
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Group Policy\History\NetworkName
registry entry, Windows Firewall uses the domain profile.

* If the connection-specific DNS suffix of a currently connected
connection on the computer that is not PPP or SLIP-based does not
match the value of the
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Group Policy\History\NetworkName
registry entry, Windows Firewall uses the standard profile.

You can determine the connection-specific DNS suffixes of the
currently connected connections on the computer from the display
of the ipconfig command issued from a command prompt.

</quote>

Read the Cable Guy article for more about this.

-- 
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scriptcenter/default.mspx
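
The matching rule quoted above, as an added example that is not part of the original post or the Cable Guy article: it parses `ipconfig` output and compares the suffix of each connected, non-PPP/SLIP connection to a NetworkName value. The sample output, the `corp.example.com` value, the function names, the "SLIP" adapter label and the case-insensitive comparison are assumptions.

```python
import re

# Adapter header as printed by ipconfig, e.g. "Ethernet adapter Local Area Connection:"
ADAPTER_RE = re.compile(r"^(?P<kind>\S.*?) adapter (?P<name>.+):\s*$")
SUFFIX_RE = re.compile(r"^\s+Connection-specific DNS Suffix[ .]*:\s*(?P<suffix>\S*)\s*$")

def parse_adapters(ipconfig_text):
    """Return one dict per adapter section: kind, name, suffix, connected."""
    adapters, current = [], None
    for line in ipconfig_text.splitlines():
        header = ADAPTER_RE.match(line)
        if header:
            current = {"kind": header["kind"], "name": header["name"],
                       "suffix": "", "connected": True}
            adapters.append(current)
        elif current is not None:
            if "Media disconnected" in line:
                current["connected"] = False
            suffix = SUFFIX_RE.match(line)
            if suffix:
                current["suffix"] = suffix["suffix"]
    return adapters

def firewall_profile(ipconfig_text, network_name):
    """'domain' if a connected, non-PPP/SLIP connection's suffix equals NetworkName."""
    # Assumptions: comparison is case-insensitive; an empty NetworkName never matches.
    wanted = network_name.strip().lower()
    for adapter in parse_adapters(ipconfig_text):
        if not adapter["connected"] or adapter["kind"].upper() in ("PPP", "SLIP"):
            continue  # the rule skips PPP/SLIP links and unplugged adapters
        if wanted and adapter["suffix"].lower() == wanted:
            return "domain"
    return "standard"

# Constructed sample: laptop at home with a PPP (VPN) link; NetworkName below is a placeholder.
SAMPLE_HOME_VPN = """\
Windows IP Configuration

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . : home.example.net

PPP adapter Corp VPN:

        Connection-specific DNS Suffix  . : corp.example.com
"""

if __name__ == "__main__":
    print(firewall_profile(SAMPLE_HOME_VPN, "corp.example.com"))
```

On a real machine, pass the captured `ipconfig` output and the NetworkName value read from the registry entry named in the quote.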

