none
Disable "Windows Firewall with Advanced Security" for all profiles(Domain,Public,Standard) in local GP using script help! Windows 7 Clients

    Question

  • Dear Team,

    We need Windows7 with  windows firewall to be turned off , so the GOLD image has windows firewall turned off for all profiles(Domain,Public,Standard) and Windows Service disabled

    No the same GOLD image deployed with MDT (Apply local GPO) has enabled Windows Firewall under "Windows Firewall with Advanced Security" as part of task sequence

    Now we need to remove it.

    "These machines are now on Domain where in we have no rights/control on the domain level GPO", we have local admi rights on these machines


    We have a requirement do set the "Windows Firewall with Advanced Security" to "NOT Configured" or "OFF "on these machines

    In gpedit.msc if we manually go to "Windows Firewall with Advanced Security" after enabling Windows Firewall Services
    then can Clear the settings
    Do do the same manually on all machines is extra effort

    Changing values in registry will get reverted on machine restart as its getting applied from local GPO

    Also using GPMC can connect to remote computer and can manually or using wfw file we can make it not configured

    but we are looking for a script or a less effort method to accomplish this

    Please suggest

    Thanks and Regards
    Jose

    <input id="9c1bc0a6-8658-4b31-b18c-980fe82dcea4_attachments" type="hidden" />
    Friday, November 08, 2013 2:47 PM

Answers

  • Dear All,

    The issue was fixed by removing the Registry.pol file from---

    C:\Windows\system32\GroupPolicy\Machine

    On removing this file and a restart (not always needed) removed the local policy set my MDT Under  “Windows Firewall with Advanced Security" and made it as not configured

    May be we can just edit th Firewall part alone from Rgistry.pol file using some special tools
    as direct editing the file in a normal editor like notepad causes corruption to the file.

    Thanks and Regards
    JoBo
    • Marked as answer by JosephBoban Sunday, November 10, 2013 3:34 PM
    Sunday, November 10, 2013 3:34 PM

All replies

  • Dear All,

    The issue was fixed by removing the Registry.pol file from---

    C:\Windows\system32\GroupPolicy\Machine

    On removing this file and a restart (not always needed) removed the local policy set my MDT Under  “Windows Firewall with Advanced Security" and made it as not configured

    May be we can just edit th Firewall part alone from Rgistry.pol file using some special tools
    as direct editing the file in a normal editor like notepad causes corruption to the file.

    Thanks and Regards
    JoBo
    • Marked as answer by JosephBoban Sunday, November 10, 2013 3:34 PM
    Sunday, November 10, 2013 3:34 PM
  • Hi,

    Glad to hear that the issue has been resolved. Thanks for your feedback and sharing. This will help others who face the same scenario resolve the issue quickly. Your time and efforts are highly appreciated.

    Best Regards,

    Justin Gu
    Monday, November 11, 2013 1:36 AM