A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » Security and Administration with Windows XP
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

XP firewall Profile problem



 
 
Thread Tools Display Modes
  #1  
Old May 11th 05, 04:01 PM
lunarpc
external usenet poster
 
Posts: n/a
Default XP firewall Profile problem

NT4 domain and we are rolling out XPSP2. We have a very complex networking
enviroment and I want to disable the firewall when the computer is connected
to the domain. I thought that the domain profile was supposed to do this but
so far I haven't gotten the computer to change profiles. No matter what I do
it always in th e standard profile. How do I get the firewall to use the
domain profile?

Thanks
Ads
  #2  
Old May 11th 05, 05:15 PM
Torgeir Bakken \(MVP\)
external usenet poster
 
Posts: n/a
Default

lunarpc wrote:

NT4 domain and we are rolling out XPSP2. We have a very complex networking
enviroment and I want to disable the firewall when the computer is connected
to the domain. I thought that the domain profile was supposed to do this but
so far I haven't gotten the computer to change profiles. No matter what I do
it always in th e standard profile. How do I get the firewall to use the
domain profile?

Hi,

As you have a NT4 domain, you will not be able to use the domain
profile, you will need to have Active Directory for this to work.


Here is how the SP2 firewall determines if it is to activate
the domain or standard profile:

If last-received Group Policy update DNS name match any of the
connection-specific DNS suffixes of the currently connected
connections (not PPP or SLIP-based) on the computer the FW's
domain settings will be used. In all other cases the standard
profile will be used. There is no way to change this behavior.

From
The Cable Guy - May 2004
Network Determination Behavior for Network-Related Group Policy Settings
http://www.microsoft.com/technet/com...uy/cg0504.mspx

quote
To apply this behavior to Windows Firewall settings:

() If the connection-specific DNS suffix of a currently connected
connection on the computer that is not PPP or SLIP-based (such as
an Ethernet or 802.11 wireless network adapter) matches the value
of the
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Group
Policy\History\NetworkName registry entry, Windows Firewall uses
the domain profile.

() If the connection-specific DNS suffix of a currently connected
connection on the computer that is not PPP or SLIP-based does not
match the value of the
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Group
Policy\History\NetworkName registry entry, Windows Firewall uses
the standard profile.

You can determine the connection-specific DNS suffixes of the
currently connected connections on the computer from the display
of the ipconfig command issued from a command prompt.

/quote

Read the Cable Guy article for more about this.



--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scr...r/default.mspx
  #3  
Old November 26th 08, 12:37 PM posted to microsoft.public.windowsxp.security_admin
Krishnakumar
external usenet poster
 
Posts: 1
Default XP firewall Profile problem

Dear

i went through the following steps.

1. Already connected to a domain network (now the
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Group
Policy\History\NetworkName contain my domain name). Now firewall settings dialog shows that "windows is using your domain settings".

2. Disconnect from the network ( just unplug the network cable). Now the
firewall settings dialog shows that "windows is using your non-domain
settings". But the thing is that when i checked the
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Group
Policy\History\NetworkName it contains the previous domain name.

Then how can i identify (by code) the current profile?
or i can i assume that the system is using the standard profile if the
network is not available?

Regards,
Krishnakumar


"Torgeir Bakken (MVP)" wrote:

lunarpc wrote:

NT4 domain and we are rolling out XPSP2. We have a very complex networking
enviroment and I want to disable the firewall when the computer is connected
to the domain. I thought that the domain profile was supposed to do this but
so far I haven't gotten the computer to change profiles. No matter what I do
it always in th e standard profile. How do I get the firewall to use the
domain profile?

Hi,

As you have a NT4 domain, you will not be able to use the domain
profile, you will need to have Active Directory for this to work.


Here is how the SP2 firewall determines if it is to activate
the domain or standard profile:

If last-received Group Policy update DNS name match any of the
connection-specific DNS suffixes of the currently connected
connections (not PPP or SLIP-based) on the computer the FW's
domain settings will be used. In all other cases the standard
profile will be used. There is no way to change this behavior.

From
The Cable Guy - May 2004
Network Determination Behavior for Network-Related Group Policy Settings
http://www.microsoft.com/technet/com...uy/cg0504.mspx

quote
To apply this behavior to Windows Firewall settings:

() If the connection-specific DNS suffix of a currently connected
connection on the computer that is not PPP or SLIP-based (such as
an Ethernet or 802.11 wireless network adapter) matches the value
of the
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Group
Policy\History\NetworkName registry entry, Windows Firewall uses
the domain profile.

() If the connection-specific DNS suffix of a currently connected
connection on the computer that is not PPP or SLIP-based does not
match the value of the
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Group
Policy\History\NetworkName registry entry, Windows Firewall uses
the standard profile.

You can determine the connection-specific DNS suffixes of the
currently connected connections on the computer from the display
of the ipconfig command issued from a command prompt.

/quote

Read the Cable Guy article for more about this.



--
torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of
the 1328 page Scripting Guide:
http://www.microsoft.com/technet/scr...r/default.mspx

 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Windows XP Firewall Problem Irvin Libao Security and Administration with Windows XP 9 March 25th 10 09:57 PM
A rival for Thunderbird? Derrick Fawsitt General XP issues or comments 42 February 11th 05 12:13 AM
Where did my administrator go? mike gray The Basics 5 January 16th 05 03:50 AM
Problem copying or moving folders/files (mp3s) after XP clean install-- permissions help Pegasus \(MVP\) Windows XP Help and Support 0 December 23rd 04 06:49 AM
Profile - roaming and server copy problem Rajiv Khandelwal, M. D. General XP issues or comments 5 August 19th 04 02:40 PM






All times are GMT +1. The time now is 12:59 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.