Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

group policy

  • Filter
  • Time
  • Show
Clear All
new posts

  • group policy

    Hi all, wonder if you can help me.
    I work for a small company and just had our server upgraded to SBS 2008. When i add any new computers which use winXP the firewall on each work station is on but is graded out saying it is controlled by the group policy. The problem is we have a hardware firewall so don't want these turned on but even though i have administrator rights i can change the firewall settings. Can someone let me know how i can do this?
    Thank you.

  • #2
    Re: group policy

    You will need to go onto the SBS box and into Group Policy Management console, then modify the settings there to disable the WinXP firewall. If you don't have permission, get your network admin or support company to do it
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    IT Trainer / Consultant
    Ossian Ltd

    ** Remember to give credit where credit is due and leave reputation points where appropriate **


    • #3
      Re: group policy

      But why would you want to do that? There is no connection usually between the hardware firewall and the software firewall in XP!
      Example: Desktop gets infected with a worm which uses mail address book and SMTP engine to blast spam to the net. Does your hardware firewall block everyone except SBS2008 from using SMTP to the net?
      The XP firewall is there for a reason and is well handled by SBS group policy.

      Steven Teiger [SBS-MVP(2003-2009)]
      Iím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

      We donít stop playing because we grow old, we grow old because we stop playing.


      • #4
        Re: group policy

        quite right. I would leave it on. But also create a policy which allows admin access(RPC connections) for management and WMI. Perhaps some other programs as well.
        Please give points where appropriate

        <I dont create ready scripts for you, but I'm willing to point you in the right direction>