Re: Local Policy Update Using Remote Registry Edit
- From: "Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 21 Sep 2006 22:56:20 -0500
Keep in mind that domain profile settings apply only when domain computer
are connected to a network where they can find and access a domain
controller. You can edit local Group Policy remotely by selecting the mmc
snapin for Group Policy and selecting - another computer. Of course you
need to be a local administrator on the computer you want to do this to. I
find it always best to edit Group Policy instead of registry settings. You
can edit a registry setting [it does NOT edit Group Policy] and it should
work until the computer reapplies it's Group Policy settings if that setting
is defined. Group Policy administrative template registry settings are
stored in the \Windows\system32\grouppolicy\user or machine\registry.pol
file.
Steve
"Robert Lindholm" <RobertLindholm@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:CFC05AEF-0B48-4E99-AB13-BC44510BD655@xxxxxxxxxxxxxxxx
I'm trying to remotely add an IP address to the Remote Administration
settings [domain/local] on several Windows XP XP2 [with firewall enabled]
on
my network so I can make some remote adjustments to the Windows firewall
using "netsh" to ultimately run an install executable for a new AV
software
agent. I found what I believe to be the appropriate Registry keys
associated
with these network settings [see below] and have been able to remotely
update
the Registry, but this hasn't updated the local policy on the computer.
I've
tried performing an "gpupdate" and rebooting the system. Obviously I'm
missing something or there are additional Registry keys that need to be
edited or some other mechanism to update the local policy by editing the
Registry unless this is a unidirectional process [e.g. local policy
edit ->
Registry change only, not vice-versa]. I'm trying to avoid having to
locally
edit each workstation to make these changes, which brings up a few
questions:
1) Is there a way to remotely edit the local group policy of a Windows XP
computer remotely over the network [without AD]?
2) Will remote editing of the Registry alter the local group policy of a
machine and if so how is this accomplished?
Your suggestions are greatly appreciated...
Bob
P.S. Here are the Registry keys I edited:
Domain Policy
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings!Enabled,
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings!RemoteAddresses
Local Policy
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\RemoteAdminSettings!Enabled,
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\RemoteAdminSettings!RemoteAddresses
--
Robert Lindholm
University of Rcohester
.
- Follow-Ups:
- Re: Local Policy Update Using Remote Registry Edit
- From: Robert Lindholm
- Re: Local Policy Update Using Remote Registry Edit
- Prev by Date: Re: whats the point of windows firewall?
- Next by Date: Re: I.E. browser keeps closing down
- Previous by thread: Re: Task Scheduler stopped running and I'm unable to restart
- Next by thread: Re: Local Policy Update Using Remote Registry Edit
- Index(es):
Relevant Pages
|
