Firewall GPOs Not Being Applied


  • I'm creating the automation of a CIS hardened AMI in Amazon (I'm aware there's one already - however, I prefer to know exactly what's in it).  I did the GPOs for the hardening, and exported the GPOs via copying C:\Windows\System32\GroupPolicy\{machine,user} and imported them onto a new instance via copying to C:\Windows\System32\GroupPolicy\{machine,user}.

    After I run gpupdate /force, the GPOs for other services and settings are applied.  However, Windows Firewall has an issue and doesn't display "Managed by Group Policy" and the settings that are applied in the GPO aren't actually taking place on the Firewall.  I reboot, do another gpupdate /force and still, there's no success.  I ended up modifying a setting "Windows Firewall: Allow Logging" by turning it to Disabled, running gpupdate /force and then turning it back to Enabled with my specific settings and re-running gpupdate /force, and now the Firewall sees the settings.

    I can confirm that before I modify the already enabled setting "Windows Firewall: Allow Logging", the registry keys aren't in the registry.  I can also confirm that after I modify the setting and change it back to Enabled, all Windows Firewall registry keys are in the registry.

    I'm hoping to find a fix that will force GPOs to add the registry keys without manual intervention.


    Monday, June 20, 2016 10:23 PM
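Because the post's diagnosis rests on whether the firewall policy's registry values exist after gpupdate, here is an added PowerShell check (not part of the original post, and not a Microsoft tool) that parses the imported Registry.pol, lists every WindowsFirewall policy entry it contains, and reports whether each value is actually present with the expected data under HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall, followed by the effective profile state from Get-NetFirewallProfile. It assumes an elevated PowerShell session on the instance, the default local-policy path C:\Windows\System32\GroupPolicy\Machine\Registry.pol, and the NetSecurity module (Windows Server 2012 or later); the Registry.pol record layout it parses ('PReg' signature, version DWORD, then [key;value;type;size;data] records in UTF-16LE) is the documented format.

```powershell
# Added verification script (not from the original post). Assumptions: elevated PowerShell on the
# instance after 'gpupdate /force'; local machine policy in %SystemRoot%\System32\GroupPolicy\Machine\Registry.pol;
# firewall policy values under HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall; NetSecurity module present.

function Read-PolString {
    # Reads one null-terminated UTF-16LE string from Registry.pol and skips the ';' that follows it.
    param([byte[]]$Bytes, [ref]$Pos)
    $start = $Pos.Value
    while ([BitConverter]::ToUInt16($Bytes, $Pos.Value) -ne 0) { $Pos.Value += 2 }
    $text = [System.Text.Encoding]::Unicode.GetString($Bytes, $start, $Pos.Value - $start)
    $Pos.Value += 4   # null terminator (2 bytes) + ';' separator (2 bytes)
    return $text
}

function Get-RegistryPolEntries {
    # Parses Registry.pol: 'PReg' signature, version DWORD, then [key;value;type;size;data] records.
    param([string]$Path = "$env:SystemRoot\System32\GroupPolicy\Machine\Registry.pol")
    $bytes = [System.IO.File]::ReadAllBytes($Path)
    if ($bytes.Length -lt 8 -or [System.Text.Encoding]::ASCII.GetString($bytes, 0, 4) -ne 'PReg') {
        throw "$Path does not start with the 'PReg' signature"
    }
    $pos = 8                                                         # skip signature + version
    while ($pos + 2 -le $bytes.Length) {
        if ([BitConverter]::ToUInt16($bytes, $pos) -ne 0x5B) { throw "Expected '[' at byte offset $pos" }
        $pos += 2
        $key       = Read-PolString $bytes ([ref]$pos)
        $valueName = Read-PolString $bytes ([ref]$pos)
        $type = [int][BitConverter]::ToUInt32($bytes, $pos); $pos += 6   # DWORD + ';'
        $size = [int][BitConverter]::ToUInt32($bytes, $pos); $pos += 6   # DWORD + ';'
        $raw  = if ($size -gt 0) { [byte[]]$bytes[$pos..($pos + $size - 1)] } else { [byte[]]@() }
        $pos += $size + 2                                                # data + ']'
        $data = switch ($type) {
            4               { [BitConverter]::ToUInt32($raw, 0) }                                  # REG_DWORD
            { $_ -in 1, 2 } { [System.Text.Encoding]::Unicode.GetString($raw).TrimEnd([char]0) }  # REG_SZ / REG_EXPAND_SZ
            default         { ($raw | ForEach-Object { $_.ToString('x2') }) -join '' }            # other types as hex
        }
        [pscustomobject]@{ Key = $key; ValueName = $valueName; Type = $type; Data = $data }
    }
}

function Compare-FirewallPolicyToRegistry {
    # For each WindowsFirewall entry in Registry.pol, checks that the value exists in HKLM with the same data.
    param([string]$PolPath = "$env:SystemRoot\System32\GroupPolicy\Machine\Registry.pol")
    Get-RegistryPolEntries -Path $PolPath |
        Where-Object { $_.Key -like 'SOFTWARE\Policies\Microsoft\WindowsFirewall*' -and -not $_.ValueName.StartsWith('**') } |
        ForEach-Object {
            $regPath = "HKLM:\$($_.Key)"
            $actual  = $null
            if (Test-Path $regPath) {
                $actual = (Get-ItemProperty -Path $regPath -Name $_.ValueName -ErrorAction SilentlyContinue).($_.ValueName)
            }
            [pscustomobject]@{
                Key       = $_.Key
                ValueName = $_.ValueName
                Expected  = $_.Data
                Actual    = $actual
                Applied   = ($null -ne $actual -and "$actual" -eq "$($_.Data)")
            }
        }
}

# Run the comparison, then show what the firewall is actually enforcing (ActiveStore = GPO + local, merged).
$report = @(Compare-FirewallPolicyToRegistry)
$report | Format-Table -AutoSize
"Missing or mismatched: $(@($report | Where-Object { -not $_.Applied }).Count) of $($report.Count) policy values"
Get-NetFirewallProfile -PolicyStore ActiveStore |
    Select-Object Name, Enabled, LogFileName, LogAllowed, LogBlocked, LogMaxSizeKilobytes |
    Format-Table -AutoSize
```

If Registry.pol lists the WindowsFirewall entries but Applied is False for all of them, the copied policy file is intact and the gap is between the policy engine and the registry; if the entries are absent from Registry.pol, the export did not carry them. Either way the check can run unattended in instance user data and fail the build instead of relying on opening the firewall console to look for "Managed by Group Policy".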

