If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
XP firewall Profile problem
NT4 domain and we are rolling out XPSP2. We have a very complex networking
enviroment and I want to disable the firewall when the computer is connected to the domain. I thought that the domain profile was supposed to do this but so far I haven't gotten the computer to change profiles. No matter what I do it always in th e standard profile. How do I get the firewall to use the domain profile? Thanks |
Ads |
#2
|
|||
|
|||
lunarpc wrote:
NT4 domain and we are rolling out XPSP2. We have a very complex networking enviroment and I want to disable the firewall when the computer is connected to the domain. I thought that the domain profile was supposed to do this but so far I haven't gotten the computer to change profiles. No matter what I do it always in th e standard profile. How do I get the firewall to use the domain profile? Hi, As you have a NT4 domain, you will not be able to use the domain profile, you will need to have Active Directory for this to work. Here is how the SP2 firewall determines if it is to activate the domain or standard profile: If last-received Group Policy update DNS name match any of the connection-specific DNS suffixes of the currently connected connections (not PPP or SLIP-based) on the computer the FW's domain settings will be used. In all other cases the standard profile will be used. There is no way to change this behavior. From The Cable Guy - May 2004 Network Determination Behavior for Network-Related Group Policy Settings http://www.microsoft.com/technet/com...uy/cg0504.mspx quote To apply this behavior to Windows Firewall settings: () If the connection-specific DNS suffix of a currently connected connection on the computer that is not PPP or SLIP-based (such as an Ethernet or 802.11 wireless network adapter) matches the value of the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Group Policy\History\NetworkName registry entry, Windows Firewall uses the domain profile. () If the connection-specific DNS suffix of a currently connected connection on the computer that is not PPP or SLIP-based does not match the value of the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Group Policy\History\NetworkName registry entry, Windows Firewall uses the standard profile. You can determine the connection-specific DNS suffixes of the currently connected connections on the computer from the display of the ipconfig command issued from a command prompt. /quote Read the Cable Guy article for more about this. -- torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway Administration scripting examples and an ONLINE version of the 1328 page Scripting Guide: http://www.microsoft.com/technet/scr...r/default.mspx |
#3
|
|||
|
|||
XP firewall Profile problem
Dear
i went through the following steps. 1. Already connected to a domain network (now the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Group Policy\History\NetworkName contain my domain name). Now firewall settings dialog shows that "windows is using your domain settings". 2. Disconnect from the network ( just unplug the network cable). Now the firewall settings dialog shows that "windows is using your non-domain settings". But the thing is that when i checked the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Group Policy\History\NetworkName it contains the previous domain name. Then how can i identify (by code) the current profile? or i can i assume that the system is using the standard profile if the network is not available? Regards, Krishnakumar "Torgeir Bakken (MVP)" wrote: lunarpc wrote: NT4 domain and we are rolling out XPSP2. We have a very complex networking enviroment and I want to disable the firewall when the computer is connected to the domain. I thought that the domain profile was supposed to do this but so far I haven't gotten the computer to change profiles. No matter what I do it always in th e standard profile. How do I get the firewall to use the domain profile? Hi, As you have a NT4 domain, you will not be able to use the domain profile, you will need to have Active Directory for this to work. Here is how the SP2 firewall determines if it is to activate the domain or standard profile: If last-received Group Policy update DNS name match any of the connection-specific DNS suffixes of the currently connected connections (not PPP or SLIP-based) on the computer the FW's domain settings will be used. In all other cases the standard profile will be used. There is no way to change this behavior. From The Cable Guy - May 2004 Network Determination Behavior for Network-Related Group Policy Settings http://www.microsoft.com/technet/com...uy/cg0504.mspx quote To apply this behavior to Windows Firewall settings: () If the connection-specific DNS suffix of a currently connected connection on the computer that is not PPP or SLIP-based (such as an Ethernet or 802.11 wireless network adapter) matches the value of the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Group Policy\History\NetworkName registry entry, Windows Firewall uses the domain profile. () If the connection-specific DNS suffix of a currently connected connection on the computer that is not PPP or SLIP-based does not match the value of the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Curr entVersion\Group Policy\History\NetworkName registry entry, Windows Firewall uses the standard profile. You can determine the connection-specific DNS suffixes of the currently connected connections on the computer from the display of the ipconfig command issued from a command prompt. /quote Read the Cable Guy article for more about this. -- torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway Administration scripting examples and an ONLINE version of the 1328 page Scripting Guide: http://www.microsoft.com/technet/scr...r/default.mspx |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Windows XP Firewall Problem | Irvin Libao | Security and Administration with Windows XP | 9 | March 25th 10 08:57 PM |
A rival for Thunderbird? | Derrick Fawsitt | General XP issues or comments | 42 | February 10th 05 11:13 PM |
Where did my administrator go? | mike gray | The Basics | 5 | January 16th 05 02:50 AM |
Problem copying or moving folders/files (mp3s) after XP clean install-- permissions help | Pegasus \(MVP\) | Windows XP Help and Support | 0 | December 23rd 04 05:49 AM |
Profile - roaming and server copy problem | Rajiv Khandelwal, M. D. | General XP issues or comments | 5 | August 19th 04 02:40 PM |