Ok, so why problem is this, every computer gets the Gpo Etc, but some of the computers still have the service in DISABLED. Shouldn't the gpo change to enable messenger change it to automatic or something? Because I do want to use net send. Thank you, Asaf Efrati | System | eToro A 32 Habarzel St. Tel Aviv 69710, Israel M +972 545671587 F +9723 7686712 W <http://www.eToro.com> www.eToro.com If you have received this email message in error, please notify the sender immediately by telephone or return email and refrain from taking any action relating to the content of the email. Thereafter, please destroy the original message without making a copy. You may not use the content of the email without first obtaining prior written consent from the sender. You may not forward this email to anyone other than the sender for notification purposes. _____ From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Darren Mar-Elia Sent: Tuesday, August 05, 2008 16:32 To: gptalk@xxxxxxxxxxxxx Subject: [gptalk] Re: Securing The Network & Messenger Service Yes, a domain-based GPO would override any local GPO for the service startup type. Darren From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Asaf Efrati Sent: Tuesday, August 05, 2008 5:00 AM To: gptalk@xxxxxxxxxxxxx Subject: [gptalk] Re: Securing The Network & Messenger Service In order to allow NET SEND I enabled under the Gpo the messenger service, but strange enough not every computer got the change, or rather the local policy is disabling it. If a service is in "DISABLED" will a Gpo change to enable it will change it? Thank you, Asaf Efrati | System | eToro A 32 Habarzel St. Tel Aviv 69710, Israel M +972 545671587 F +9723 7686712 W www.eToro.com If you have received this email message in error, please notify the sender immediately by telephone or return email and refrain from taking any action relating to the content of the email. Thereafter, please destroy the original message without making a copy. You may not use the content of the email without first obtaining prior written consent from the sender. You may not forward this email to anyone other than the sender for notification purposes. _____ From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Darren Mar-Elia Sent: Tuesday, August 05, 2008 04:41 To: gptalk@xxxxxxxxxxxxx Subject: [gptalk] Re: Securing The Network & Messenger Service Sorry-just saw this. What exactly are you doing to allow Net Send? I would guess that allowing net send should have nothing to do with live messenger working or not (unless Live Messenger relies on the Alerter service but if its enabled , that should not impact IM). As for disabling Wireless, you can't really do that as a function of whether it's on your network or not. If you are worried about users connecting to non-corporate WAPs while they are in the office, then GP against XP clients won't help you much. The Wireless Policy that is supported on XP is pretty limited. Vista is better at this. You might be able to do some kind of IPSec tunnel while on the corporate network that prevents non corporate networks from accessing your internal network, but it would take some work. Darren From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Asaf Efrati Sent: Sunday, August 03, 2008 9:05 AM To: gptalk@xxxxxxxxxxxxx Subject: [gptalk] Securing The Network & Messenger Service Hey everyone, I am trying to make my network more secure, I tried looking at a few things who left me puzzled as they didn't seem to work. I am trying to enable NET SEND and at the same time deny users the ability to use live messenger, those options didn't work. Further more I am trying to force disabling of Wireless on laptops connected to my network, I didn't find any effective way of doing that through GPO. Any thoughts? Thank you, Asaf Efrati | IT & Security | eToro W www.eToro.com etoro-logo If you have received this email message in error, please notify the sender immediately by telephone or return email and refrain from taking any action relating to the content of the email. Thereafter, please destroy the original message without making a copy. You may not use the content of the email without first obtaining prior written consent from the sender. You may not forward this email to anyone other than the sender for notification purposes.