Configuring Windows Firewall Group Policies in Windows Small Business Server 2008

In the new Windows Small Business Server 2008, there are actually two different locations depening on which version of Windows your are configuring for.


Below, I have outline where to find the appropriate locations to configure both Windows XP SP2-based (click the link for more infomation) workstations or Windows Vista (including Windows 7) based workstations.



Note: these directions assume you have Group Policy Management addin saved under Windows SBS Native Tools Management.

For Windows Vista & 7
  1. Open “Windows SBS Native Tools Management” Console
  2. Navigate to:
    Group Policy Management > Forest: domain.local > Domains > domain.local > MyBusiness > Computers > SBSComputers
  3. Right-click on “Windows SBS Client – Windows Vista Policy” and select Edit
  4. Navigate to:
    Computer Configuration > Windows Settings > Security Settings > Windows Firewall with Advanced Security.





  5. Right-click on “Inbound Rules” and select “New Rule...” and complete the wizard respectively.
For Windows XP
  1. Open “Windows SBS Native Tools Management” Console
  2. Navigate to:
    Group Policy Management > Forest: domain.local > Domains > domain.local > MyBusiness > Computers > SBSComputers
  3. Right-click on “Windows SBS Client – Windows XP Policy” and select Edit
  4. Navigate to:
    Computer Configuration > Policies > Administrative Templates > Network > Network Connections > Windows Firewall > Domain Profile
  5. In the right-hand panel, right-click on “Windows Firewall: Define inbound program exceptions” or “ Windows Firewall: Define inbound port exceptions” and select Properties
  6. In the window, click the “Show...” button
  7. Enter in required exceptions (see example), then click OK when finished.
For Windows XP Firewall program exception example, use the following as a guide:
%ProgramFiles%\ExampleAppFolder\Example.exe:*:Enabled:Example Program Title
For  Windows XP Firewall port exception example:
23:TCP:*:Enabled:Telnet
Port Number : TCP/UDP: Scope : Enable/Disabled : Port Title

For more information, see the following Microsoft TechNet page:
http://technet.microsoft.com/en-us/library/bb490616.aspx#EBAA

Comments

Post a Comment

Popular posts from this blog

Office 365 ScanPST to fix corrupted Outlook files

Image
In Office 365, which uses the Click-to-Run technology, Office program files are now in a new location. When you experience issues with Outlook, often you would use the ScanPST.exe tool to repair PST and OST files with Outlook. This tool can now be found in the following location: C:\Program Files\Microsoft Office 15\root\office15\ScanPST.exe This should apply for both 32-bit and 64-bit installations of Office 365. Update: Microsoft has published a Knowledge Base article list the locations of the ScanPST utility depending on your installation of Office 365. Whether you're using 32 or 64 bit versions. https://support.microsoft.com/en-us/kb/272227
Read more

Deleting Office 365 Tenant

Image
For a long time now, I have been using trials to test new technologies at home that I can use for my work like every good tech does. With the introduction of Office 365, more and more I need to be able to test the clouds services for different scenarios. However, I like to completely remove any services that I am finished with an no longer need as a end-of-the-day clean up task. So how do you do this with Office 365? By default, once the trial subscription expires the tenant will remain active allowing you a chance to purchase a new subscription and assign to your tenant. In this case I know I will never need the tenant again. So this is what I have found to decommission a Office 365 trial tenant using Azure Active Directory. WARNING! Please triple check that you are doing this on the correct tenant. This deletion is unrecoverable. You do this at your own risk. Prerequisites Before you can start this process you need to make sure: All subscriptions are d
Read more

PowerShell: Download and Install Java 8 JRE

This script I wrote for our automation system that will: Download the latest Java 8 JRE from Java.com Save in a local directory C:\Install Create a Install Options File Run the installer silently with the necessary Installer Options The Installer Options file determines what configuration is used the install of Java. For example, in the script I have configured. This will perform a silent install, auto updates enabled, no reboot after the installation, Sponsors/ads install disabled and will uninstall any older existing installations of Java JRE. INSTALL_SILENT=Enable AUTO_UPDATE=Enable REBOOT=Disable SPONSORS=Disable REMOVEOUTOFDATEJRES=Enable You can find these and other options to use from the Java website: https://docs.oracle.com/javase/8/docs/technotes/guides/install/config.html#installing_with_config_file This has been tested to work on PowerShell v2 and higher. --------------------------------------------------------------------------
Read more