locked
Cannot Manage Firewall via Group Policy RRS feed

  • Question

  • I am working with beta test of SBS Server 2008, and I don't seem to be able to manage the OneCare firewall via group policy.  In effect, even though I have configured the necessary rules/exceptions, I still get OneCare firewall messges popping up on the user machines.  Is this a known issue, something that I am doing wrong, or something else entirely?

    Thanks,

    Merrill
    Tuesday, October 14, 2008 3:02 PM

Answers

  • I believe that you will never be able to avoid the allow/block messages unless you configure the client rules for them and I don't know if that is done from within OneCare for Server on the SBS Server, via Group Policy or what. And, even after adding rules, anything that is outside of the scope of the rules are still likely to appear on the OneCare client.

    On the other hand, and I may be way off base and wrong, I thought that you had the ability in the OneCare for Server/Client environment to move the firewall duties out of OneCare and use the SBS supplied firewall (ISA ?) instead without any client going red.

     

    In any event, since I'm pretty clueless about this, and I may be steering you wrong, I think that you ought to contact support regarding this issue.

    How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

     

    -steve

    Wednesday, October 15, 2008 2:09 PM
    Moderator

All replies

  • Merrill, I have no personal experience with OneCare for Server, but I suspect that what you are seeing might be normal. What messages are seen by the clients and what actions can they take, if any?

    -steve

     

    Tuesday, October 14, 2008 4:12 PM
    Moderator
  •  

    Basically, a OneCare firewall message asking to allow/deny.  I don't want my end users making these kinds of decisions, I want to manage them through GP, (or Onecare Server console, but there's nothing there either).

     

    I could turn off OneCare Firewall, and use the windows one, but then onecare is all red and unhappy.  Again a problem.

     

    So I really need a way to control the rules for the OneCare Firewall.

     

    Merrill

    Tuesday, October 14, 2008 7:18 PM
  • I believe that you will never be able to avoid the allow/block messages unless you configure the client rules for them and I don't know if that is done from within OneCare for Server on the SBS Server, via Group Policy or what. And, even after adding rules, anything that is outside of the scope of the rules are still likely to appear on the OneCare client.

    On the other hand, and I may be way off base and wrong, I thought that you had the ability in the OneCare for Server/Client environment to move the firewall duties out of OneCare and use the SBS supplied firewall (ISA ?) instead without any client going red.

     

    In any event, since I'm pretty clueless about this, and I may be steering you wrong, I think that you ought to contact support regarding this issue.

    How to reach support (FAQ) - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

     

    -steve

    Wednesday, October 15, 2008 2:09 PM
    Moderator