Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Group Policy and XP firewall
- Thread starter jakess
- Start date
You'll need to get an additional .adm file. Here is a starting point:
I've just knocked this up, and I've not tested it, but give this a crack. Should work.
As I say, I haven't tested it, or even compiled it, but it should be mostly correct.
If you have no luck, let me know and I'll go through it.
USING TEMPLATES
Copy and paste the code into notepad on your server. Save the file as FirewallSettingsGP.adm, make sure you select "Save as File" is set to "ALL FILES" and NOT "text document". Save FirewallSettingsGP.adm to your servers c:\windows\inf directory.
Create a GPO to apply your settings to \ edit an existing GPO. This policy is part of Machine Settings. So, in the GPOE (Group Policy Object Editor), expand "Computer Configuration". Right Click on the Administrative Templates folder, click "Add\Remove Templates", click "Add". It should default to your c:\windows\inf folder (the default folder for GP adm files. If not, navigate to it. Highlight on FirewallSettingsGP.adm and click ok. You will be return to the previous window with a list of ADM files. Click OK. You will not see under Administrative Templates in your GPOE object tree browser your Firewall Settings Category Folder, expand this, and enable the policy "Disable Firewall on Client Machines"
If you need any help, please feel free to post back, or contact me from my profile page.
Hope this helps.
Neil J Cotton
njc Information Systems
Systems Consultant
Code:
CLASS MACHINE
CATEGORY !!FirewallSettings
KEYNAME "Software\Policies\Microsoft\Windows\Network Connections"
POLICY !!DisableFirewall
EXPLAIN !!DisableFirewallEXP
VALUENAME "NC_PersonalFirewallConfig"
VALUEON NUMERIC 0
VALUEOFF NUMERIC 1
END POLICY
END CATEGORY
[strings]
FirewallSettings="Firewall Configure"
DisableFirewall="Disable Firewall on Clients Machine"
DisableFirewallEXP="Enabling this setting will DISABLE the built in DNS Internet Connection Firewall feature of Windows XP Service Pack 2. LOW SECURITY \n \n Disabling this setting will ENABLE the firewall. HIGH SECURITY. \n \n \n This setting will be updated when the policy is refreshed, however, on its own, will not prohibit users from altering the settings for Windows Firewall manually. Make sure that you lock down users ability to alter system settings appropriately."As I say, I haven't tested it, or even compiled it, but it should be mostly correct.
If you have no luck, let me know and I'll go through it.
USING TEMPLATES
Copy and paste the code into notepad on your server. Save the file as FirewallSettingsGP.adm, make sure you select "Save as File" is set to "ALL FILES" and NOT "text document". Save FirewallSettingsGP.adm to your servers c:\windows\inf directory.
Create a GPO to apply your settings to \ edit an existing GPO. This policy is part of Machine Settings. So, in the GPOE (Group Policy Object Editor), expand "Computer Configuration". Right Click on the Administrative Templates folder, click "Add\Remove Templates", click "Add". It should default to your c:\windows\inf folder (the default folder for GP adm files. If not, navigate to it. Highlight on FirewallSettingsGP.adm and click ok. You will be return to the previous window with a list of ADM files. Click OK. You will not see under Administrative Templates in your GPOE object tree browser your Firewall Settings Category Folder, expand this, and enable the policy "Disable Firewall on Client Machines"
If you need any help, please feel free to post back, or contact me from my profile page.
Hope this helps.
Neil J Cotton
njc Information Systems
Systems Consultant
- Status
Similar threads
