PDA

View Full Version : SP2 Firewall Policy

Patrick
September 10th 04, 10:23 AM
Hello

I have the following Problem:
I want to publish Firewall Settings with GPOs to several
Clients.
I add the new system.adm File (from XP SP2) to the GPO
Object on my windows 2000 Server, so I got all the new
GPOs.
I see under: "Computer Configuration/Administrative
Templates/Network/Network Connections/Windows Firewall" all
the new policies but two are missing:
"define program exceptions" and "define port exceptions"
These two policies are in my opinion the most importent!

So anyone knows why these policies are missing? On my XP
Workstation with SP2 installed i got these policies!!

Thanks for your help
Patrick
patrick.passeriniATlogimatik.ch
Patrick
September 10th 04, 02:23 PM
Update:

I try it on a W3k Server and all the settings are there. So
I think the problem is, that the W2k Server can't display
all new policy settings...
Anyone knows how to correct this, I have to manage the
settings on a W2k Server not on a Client!!!

Regards
Patrick

>-----Original Message-----
>Hello
>
>I have the following Problem:
>I want to publish Firewall Settings with GPOs to several
>Clients.
>I add the new system.adm File (from XP SP2) to the GPO
>Object on my windows 2000 Server, so I got all the new
>GPOs.
>I see under: "Computer Configuration/Administrative
>Templates/Network/Network Connections/Windows Firewall"
all
>the new policies but two are missing:
>"define program exceptions" and "define port exceptions"
>These two policies are in my opinion the most importent!
>
>So anyone knows why these policies are missing? On my XP
>Workstation with SP2 installed i got these policies!!
>
>Thanks for your help
>Patrick
>patrick.passeriniATlogimatik.ch
>.
>
Alain Vouillon
September 11th 04, 09:50 AM
Bonjour,
Patrick écrivait:
> I try it on a W3k Server and all the settings are there. So
> I think the problem is, that the W2k Server can't display
> all new policy settings...
> Anyone knows how to correct this, I have to manage the
> settings on a W2k Server not on a Client!!!


You must have to change this GPO ONLY from Windows XP and Windows Server
2003.
I have publish this, but in french here:
http://a.vouillon.online.fr/faq-winxp.htm#178


It because of the "too long string" in Windows 2000 GPO.
you can see this:
http://support.microsoft.com/default.aspx?kbid=842933


--
@:-)
FAQ Windows XP ==> http://a.vouillon.online.fr/
Google