Re: Turning on the firewall via a GPO

From: Harrison Midkiff (HMidkiff_at_aviinc.com)
Date: 05/03/05 

Date: Tue, 3 May 2005 08:32:01 -0400

Tom:

Excellent.... Works perfectly.... Thanks....

Harrison Midkiff

"Tom Che [MSFT]" <v-tomche@online.microsoft.com> wrote in message
news:GHIzRM8TFHA.388@TK2MSFTNGXA01.phx.gbl...
> Hi Harrison,
>
> Thanks for posting here. Also thank the other customer's reply.
>
> From your post, my understanding of your concern is: You want to know how
> to configure the Windows Firewall to allow user to turn off the Firewall,
> but itself will turn on after next restarting. If this is not correct,
> please feel free to let me know.
>
> Although there isn't a proper simple policy with GPO to do this, we still
> can complete this by Script:
>
> 1. Edit a script which can run the following command:
>
> netsh firewall set opmode enable
>
> Above command will turn on the Windows Firewall
>
> For more information about this command, please refer to the following
> document:
>
> Deploying Windows Firewall Settings for Microsoft Windows XP with Service
> Pack 2
> http://download.microsoft.com/download/6/8/a/68a81446-cd73-4a61-8665-8a67781
> ac4e8/wf_xpsp2.doc
>
> 2. Add the script file to Domain Default GPO as Computer Startup or/and
> Shutdown Scripts
>
> For more information about how to write script and GPO Startup/Shutdown
> Scripts, please refer to the following Microsoft Web site:
>
> Script Center
> http://www.microsoft.com/technet/community/scriptcenter/default.mspx
>
> Windows 2000 Computer Startup Scripts:
> http://www.microsoft.com/technet/prodtechnol/windows2000serv/maintain/optimi
> ze/startw2k.asp?frame=true
>
> Active Directory Services and Group Policy in Windows Server 2003:
> http://www.microsoft.com/israel/events/downloads/ws2003event/Active_Director
> y.ppt
>
> Hope this helps!
>
> Have a nice day!
>
> Sincerely,
> Tom Che
> Microsoft Online Partner Support
>
> Get Secure! - www.microsoft.com/security
> =====================================================
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
> =====================================================
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
> --------------------
>>Thread-Topic: Turning on the firewall via a GPO
>>thread-index: AcVPZp7a56Usv23ORUKE40cVRr7WNg==
>>X-WBNR-Posting-Host: 83.78.3.187
>>From: "=?Utf-8?B?RGVzbW9uZCBMZWU=?=" <mcp@donotspamplease.mars>
>>References: <OTk5#Y1TFHA.544@TK2MSFTNGP15.phx.gbl>
>>Subject: RE: Turning on the firewall via a GPO
>>Date: Mon, 2 May 2005 15:31:02 -0700
>>Lines: 27
>>Message-ID: <49F889A8-125C-430F-8A6D-3FB743D47DBD@microsoft.com>
>>MIME-Version: 1.0
>>Content-Type: text/plain;
>> charset="Utf-8"
>>Content-Transfer-Encoding: 7bit
>>X-Newsreader: Microsoft CDO for Windows 2000
>>Content-Class: urn:content-classes:message
>>Importance: normal
>>Priority: normal
>>X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
>>Newsgroups: microsoft.public.windowsxp.security_admin
>>NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.2.250
>>Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGXA03.phx.gbl
>>Xref: TK2MSFTNGXA01.phx.gbl
>>microsoft.public.windowsxp.security_admin:45766
>>X-Tomcat-NG: microsoft.public.windowsxp.security_admin
>>
>>Check out:
>>
>>
>> http://www.microsoft.com/technet/community/columns/cableguy/cg0204.mspx
>>
>>and the useful links at end of that article.
>>
>>Do let us know if it helps. Thanks.
>>
>>
>>"Harrison Midkiff" wrote:
>>
>>> Hello:
>>>
>>> I have been working on getting my network ready for WinXP SP2. The
> firewall
>>> is the big thing for me. I have found the GPO that allows me to turn the
>>> firewall on, but when I do that the user can not turn it off if they
> choose
>>> to. Ideally I want the firewall configured so it will be on everytime
> the
>>> user restarts there computer. They can turn it off, but when the
> computer
>>> reboots the firewall will be back on again.
>>>
>>> Does any know if I can configure it this way?
>>>
>>> Harrison Midkiff
>>>
>>>
>>>
>>>
>>
>

Relevant Pages

  • Re: access 97 running in 2k3 server
    ... and the script will run from the same server outside of access. ... Windows firewall is disabled. ... Ultimately this database will be published through citrix, ...
    (microsoft.public.windows.server.scripting)
  • Re: Script Error every time a new Web page is loaded
    ... First see if Norton is the problem. ... Control Panel> Windows Firewall. ... It's a busy forum. ... > I have a Script Error poping out everytime I go into a Web page. ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • RE: enable remote dekstop on firewall
    ... It added the setting to windows firewall, ... will enable remote desktop under my computer and also enable it on the ...
    (microsoft.public.scripting.vbscript)
  • Re: server getting hit with brute force
    ... The add filter line does support subnet definition (see ms docs on netsh ... GUI but a script file and update the script, ... However this requires that your home users have static IP's. ... The windows firewall can do similar to this but is very much ...
    (microsoft.public.windows.server.sbs)
  • RE: Turning on the firewall via a GPO
    ... to configure the Windows Firewall to allow user to turn off the Firewall, ... Edit a script which can run the following command: ... Add the script file to Domain Default GPO as Computer Startup or/and ...
    (microsoft.public.windowsxp.security_admin)