Windows Firewall (WindowsXP SP2)

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have the strangest problem -

Prior to deploying WindowsXP SP2 on our network, I configured a Group Policy
for the domain for the Windows Firewall settings under [Computer
Configuration][Administrative Templates][Network][Network
Connections][Windows Firewall][Domain Profile]. There were a number of
options I set here, but the one I'm now interested in is "Allow file and
printer sharing exception", which I enabled at the time and set to 3 IP
subnets on our network including LocalSubnet.

So... Now we've brought another building online w/ a new subnet. I went
back to the same server (Windows2000 Server SP4), popped open AD Users and
Computers, opened the group policy - But now those options are nowhere to be
found and I cannot add the new subnet to the string. The only options now
availalbe to me under [Network] are "Offline Files" and "Network and Dialup
Connections". It's as if the template vanished.

From my desk (WindowsXP SP2), I can run the Group Policy Management snap-in,
select this policy, choose the SETTINGS tab, and see all of the prior changes
- But when I right-click and choose EDIT, I can't drill down to these options
to make a change. I've got a building full of XP machines I can't see... How
do I fix this?

Thanks for any input you might have.

Gregg

P.S. - As a work around, I created a whole new policy. I was then able to
drill down to this and reenter enough settings to get some connectivity - But
I'd really like to get my original policy applied to the new subnet.
 
Hello Gregg,

I've got exactly the same problem with finding the Network settings. Did
you get any replies off group and, if so, were you able to fix your problem?

Thanks a lot,
Tim Dimond.
 
Hey, Tim.
No such luck. There's another thread on this list dated 9/14/2005
(titled Windows Firewall) which I didn't notice until after I made my
posting. There was a discussion there re: this exact problem -
Apparently it's happening to lots of people. Pretty obnoxious,
because the best solution so far has been to rewrite all of the
policies for these settings. You can read more about the process
there. I'm concerned that I'll rewrite the things over again to make
the changes I want, only to have to rewrite them again (and again..)
when I need to make further changes.

So... I've put this off until I get my list together so I can avoid that
as much as possible. I'm crossing my fingers for a fix to this issue.
I'll let you know when I hear of one - You can do the same for me!

Good luck -

Gregg

Hello Gregg,

I've got exactly the same problem with finding the Network settings. Did
you get any replies off group and, if so, were you able to fix your problem?

Thanks a lot,
Tim Dimond.
 
Hello Gregg,

Yes, I found that thread after I wrote on this one and started my own! As a
result, I have created a new policy in the same container just to modify the
Firewall settings!

Let's face it this is not exactly a good solution. It makes your AD
structure over complicated and, as you mention, you'll have to create a new
GP for every mod in future. Also there are storage implications, as a GP can
be quite large, and unneccesary extras can create a lot of wasted space.

Is there anyone on the forum who know if MS are working on a fix for this,
or is it set to become a feature?

Gregg Knapp said:
Hey, Tim.
No such luck. There's another thread on this list dated 9/14/2005
(titled Windows Firewall) which I didn't notice until after I made my
posting. There was a discussion there re: this exact problem -
Apparently it's happening to lots of people. Pretty obnoxious,
because the best solution so far has been to rewrite all of the
policies for these settings. You can read more about the process
there. I'm concerned that I'll rewrite the things over again to make
the changes I want, only to have to rewrite them again (and again..)
when I need to make further changes.

So... I've put this off until I get my list together so I can avoid that
as much as possible. I'm crossing my fingers for a fix to this issue.
I'll let you know when I hear of one - You can do the same for me!

Good luck -

Gregg

Hello Gregg,

I've got exactly the same problem with finding the Network settings. Did
you get any replies off group and, if so, were you able to fix your problem?

Thanks a lot,
Tim Dimond.


Gregg Knapp said:
I have the strangest problem -

Prior to deploying WindowsXP SP2 on our network, I configured a Group
Policy
for the domain for the Windows Firewall settings under [Computer
Configuration][Administrative Templates][Network][Network
Connections][Windows Firewall][Domain Profile]. There were a number of
options I set here, but the one I'm now interested in is "Allow file and
printer sharing exception", which I enabled at the time and set to 3 IP
subnets on our network including LocalSubnet.

So... Now we've brought another building online w/ a new subnet. I went
back to the same server (Windows2000 Server SP4), popped open AD Users and
Computers, opened the group policy - But now those options are nowhere to
be
found and I cannot add the new subnet to the string. The only options now
availalbe to me under [Network] are "Offline Files" and "Network and
Dialup
Connections". It's as if the template vanished.

From my desk (WindowsXP SP2), I can run the Group Policy Management
snap-in,
select this policy, choose the SETTINGS tab, and see all of the prior
changes
- But when I right-click and choose EDIT, I can't drill down to these
options
to make a change. I've got a building full of XP machines I can't see...
How
do I fix this?

Thanks for any input you might have.

Gregg

P.S. - As a work around, I created a whole new policy. I was then able to
drill down to this and reenter enough settings to get some connectivity -
But
I'd really like to get my original policy applied to the new subnet.
Click to expand...
Click to expand...
 
Back
Top