Archived from groups: microsoft.public.windowsxp.security_admin (
More info?)
Torgeir,
Thanks for your help. That's what I needed to know.
"Torgeir Bakken (MVP)" wrote:
> NetPIP wrote:
>
> > When we enable Windows Firewall on PC connected to our NT 4.0 domain, it uses
> > the non-domain settings. How does Windows Firewall determine if it is
> > connected to a domain? We have tested this on 5 different PC's with the same
> > results. We are using WINS and DNS (running on NT4 servers).
> Hi
>
> The domain profile is only activated if you run a Active Directory
> domain.
>
> Here is how the SP2 firewall determines if it is to activate
> the domain or standard profile:
>
> If last-received Group Policy update DNS name match any of the
> connection-specific DNS suffixes of the currently connected
> connections (not PPP or SLIP-based) on the computer the FW's
> domain settings will be used. There is no way to change this
> behavior.
>
> From
> The Cable Guy - May 2004
> Network Determination Behavior for Network-Related Group Policy Settings
>
http://www.microsoft.com/technet/community/columns/cableguy/cg0504.mspx
>
> <quote>
> To apply this behavior to Windows Firewall settings:
>
> () If the connection-specific DNS suffix of a currently connected
> connection on the computer that is not PPP or SLIP-based (such as
> an Ethernet or 802.11 wireless network adapter) matches the value
> of the
> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Group
> Policy\History\NetworkName registry entry, Windows Firewall uses
> the domain profile.
>
> () If the connection-specific DNS suffix of a currently connected
> connection on the computer that is not PPP or SLIP-based does not
> match the value of the
> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Group
> Policy\History\NetworkName registry entry, Windows Firewall uses
> the standard profile.
>
> You can determine the connection-specific DNS suffixes of the
> currently connected connections on the computer from the display
> of the ipconfig command issued from a command prompt.
>
> </quote>
>
> Read the Cable Guy article for more about this.
>
>
> --
> torgeir, Microsoft MVP Scripting and WMI, Porsgrunn Norway
> Administration scripting examples and an ONLINE version of
> the 1328 page Scripting Guide:
>
http://www.microsoft.com/technet/scriptcenter/default.mspx
>