Archived from groups: microsoft.public.win2000.group_policy (
More info?)
Hello again,
GPMC will run on either Windows XP (with at least SP1) or Windows Server
2003. It is recommended to manage Group Policy from an administrative
machine, rather than on the domain controllers themselves. Since you are
running Windows 2000 domain controllers you will not be able to load GPMC on
those servers. However, if you can fully manage Group Policy from a Windows
XP machine acting as an administrative workstation. Since you appear to be
wanting to managing XP SP2 machines I am hopefulyl that your administrative
machines are in fact XP.
Yes, you can disable the Windows Firewall, through the .adm files we ship
with XP SP2. Checkout the following policy setting:
Administrative Templates\Network\Network Connections\Windows
Firewall\Domain Profile\Windows Firewall: Protect all network connections
Disabling this policy setting will turn off the Windows Firewall.
Unless you have a compelling reason to do so (for example, you already have
a different Firewall installed) we would recommend that you look at some of
the other policy settings associated with the WIndows Firewall to open only
those porgrams or ports you need, rather than disable it altogether.
BTW, I should add that the Windows Firewall and ICF are two very
different beasts
In Windows XP SP2 you need to be using the Windows
Firewall (not ICF) policy settings.
I hope this helps.
--
Mark Williams
Program Manager, Group Policy
http://www.microsoft.com/technet/grouppolicy
This posting is provided "AS IS" with no warranties, and confers no rights.
<anonymous@discussions.microsoft.com> wrote in message
news:537301c480c6$f282b9f0$a501280a@phx.gbl...
> Thankyou Mark for you prompt reply.
>
> I have A windows 2000 Domain. I downloads GPMC SP1 and
> installed it on my 2000DC only to be alerted that I need XP
> or 2003.
>
> Is there, from Microsoft, a GPO update or addin, which
> allows me to disable the Firewall on my XPSP2 machines from
> my Windows2000DC ?? (With spending money)
>
>
>>-----Original Message-----
>>This is not correct. You can manage clients in a Windows
> 2000 domain from
>>GPMC, which can be run on Windows Server 2003 or Windows
> Professional.
>>Originally, the GPMC license DID require a Windows Server
> 2003 license but
>>we modified this when we shipped GPMC with Service Pack 1,
> which allows can
>>be used to manage either Windows 2000 or Windows Server
> 2003 domains.
>>
>>If you have a pointer to online documentation that
> incorrectly indicates a
>>Windows Server 2003 license is needed (and it exists on
> the Microsoft.com
>>site) please let me know so that I can work to get that
> updated.
>>
>>One qualifier to this (unrelated to licensing) is that a
> small subset of the
>>new policy settings in Windows XP Service Pack 2 (those
> that use the LISTBOX
>>ADDITIVE keywords) can only be managed from a Windows XP
> or Windows Server
>>2003 machine.
>>
>>Thanks.
>>--
>>Mark Williams
>>Program Manager, Group Policy
>>http://www.microsoft.com/technet/grouppolicy
>>
>>This posting is provided "AS IS" with no warranties, and
> confers no rights.
>>"shakim" <shakim@optusnet.com.au> wrote in message
>>news:560401c480c2$9f7f7e40$a601280a@phx.gbl...
>>> Can someone please confirm that Microsoft have made it
>>> impossible for me to manage XPSP2 Firewall settings using
>>> GPO in only a Windows 2000 Domain.
>>> From what I have read and experienced, I need a Windows
>>> 2003 server (License)
>>
>>
>>.
>>