Firewall ON/OFF

  • Thread starter Thread starter Milos Puchta
  • Start date Start date
M

Milos Puchta

Hi to All,

I am very curious if there is any easy way how to solve the following:
There is a need to switch of the firewall function in Windows XP for some
students/workstations. They are developing some applications that
communicate among various ports.
Is there any way how to achieve it without giving the admin rights?
PC are members of Active Directory.

Regards,
Milos
 
Put the machines in their own OU and configure GPO to disable XP's Windows
Firewall when they are in the AD domain.

Run GPMC from a Win XP SP2 machine or copy System.adm template to a DC
(typically the PDC - Win 200x).

Set GPO at:

Computer Configuration > Administrative Templates > Network > Network
Connections > Windows Firewall > Domain Profile > Windows Firewall: Protect
all network connections = Disabled.

Alternatively, disable the Windows Firewall Service altogether via GPO.

Do let us know if this helps. Thanks!
 
Even easier, just create a separate GP and OU for those users in AD, where
the firewall is off - when they logon, the firewall will be off, when anyone
else logs on the firewall is on. If you have AD and the domain setup
correctly, AD will apply the GP based on the user's GP policy in the OU they
belong.
 
Why not instead create port rules or application exceptions so that the student
applications run while the firewall is enabled? I would think that's better
than switching off the firewall completely.

Steve Riley
(e-mail address removed)
 
Absolutely, but only if the set of ports are known and can be predefined /
fixed. The original post was unclear "... developing some applications that
communicate among various ports." for some students.

Hey Steve :-)
 
So rather than defining static port openings, create an exception for the
application. That's a feature of the firewall. You grant an application permission
to listen, and then the firewall watches when the application binds to a
socket and allows inbound connections on whatever port number the application
grabbed. When the application terminates, the firewall's opening is closed.

Steve Riley
(e-mail address removed)
 
Back
Top