[gptalk] Re: Stopping Vista Firewall Service not working
- From: "Delaney, Doug" <doug.delaney@xxxxxxx>
- To: <gptalk@xxxxxxxxxxxxx>
- Date: Tue, 22 Jul 2008 16:00:05 -0400
The Base filtering service would also need to be stopped on Vista.
Doug Delaney
Infrastructure Specialist - Integration Engineering-GM
EDS
GM Desktop Engineering
985 W. Entrance Dr. 2150
Auburn Hills, MI 48326
Lab: +1 248-365-9187
Tel: +1 248 764-7917
Pg: +1 248 870-0306
Mobile: +1 248 210-4973
E-mail: Doug.Delaney@xxxxxxx <mailto:Doug.Delaney@xxxxxxx>
We deliver on our commitments
so you can deliver on yours.
________________________________
From: gptalk-bounce@xxxxxxxxxxxxx
[mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Darren Mar-Elia
Sent: Tuesday, July 22, 2008 3:13 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Stopping Vista Firewall Service not
working
Well, if your goal is to ensure that when they are on the
corporate network, no ports are blocked, then that is exactly what the
GP-based firewall profiles are meant to do. The domain profile can be
configured to essentially turn off the firewall when on the corporate
LAN and then other profiles can handle public and private networks (e.g.
in a coffee shop or at home).
Frankly, I'm sure you have business requirements for it, but as
a local administrator, GP is relatively useless. As admin I can
circumvent any GP controls put in place. Given that you work at a
software company, I'm sure you have a lot of smart engineers that would
be only too happy to help you out there J.
Darren
From: gptalk-bounce@xxxxxxxxxxxxx
[mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Kopenski, Jack
Sent: Tuesday, July 22, 2008 11:49 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Stopping Vista Firewall Service not
working
Darren,
They do have admin access, and I am willing to concede that some
people will turn it back on.
There are really two things I am trying to accomplish. I want
the firewall off, AND the service stopped when they are in the office.
With the service on we are not able to perform some security sweeps or
reads from the client machines. So just turning the firewall off is
only half my need.
Jack
________________________________
From: gptalk-bounce@xxxxxxxxxxxxx
[mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Darren Mar-Elia
Sent: Tuesday, July 22, 2008 2:36 PM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: Stopping Vista Firewall Service not
working
Jack-
I think you'd be better off using the Windows Firewall with
Advanced Security feature in Vista GP to control the firewall on Vista.
Have you used that area before?
Darren
From: gptalk-bounce@xxxxxxxxxxxxx
[mailto:gptalk-bounce@xxxxxxxxxxxxx] On Behalf Of Kopenski, Jack
Sent: Tuesday, July 22, 2008 11:31 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Stopping Vista Firewall Service not working
I have created a simple GPO using group policy preferences to
stop the Windows XP firewall service (SharedAccess) and to stop the
Vista firewall service (MpsSvc). I configured: Computer Configuration
> Preferences > Control Panel Settings > Services.
I created an entry for service "MpsSvc" with the Action to stop
the service, Startup as No Change, and Account Logon as No Change.
I created a second entry for service "SharedAcess" with the same
settings.
The GPO works fine for XP machines, but I see no change for
Vista. The RSOP shows the GPO was applied as does the Group Policy
event log. I have tried to run this with an Account Logon of Local
System, but that made no difference. I suspect it is a Vista UAC
issue, so does anyone see anything I missed?
Jack
The contents of this e-mail are intended for the named addressee
only. It contains information that may be confidential. Unless you are
the named addressee or an authorized designee, you may not copy or use
it, or disclose it to anyone else. If you received it in error please
notify us immediately and then destroy it.
Other related posts:
