Put your workstations into a separate OU and create the policy there. You
don't have to set all policies at the domain level; in fact, the only
policies that *must* be set at the domain level are the domain
password/Kerberos policy settings.
Laura
-----Original Message-----
From: Russell Morrison [mailto:rmorrison@axys.net]
Sent: Wednesday, September 21, 2005 2:04 PM
To: 'Focus-MS'
Subject: Group Policy Question on firewalls
To all;
I would like to turn on the Windows Firewall application on
all network connected desktops and have seen where this can
be done within the Domain Group Policy. However, I don't
want to also turn on the firewalls on my Windows 2003 servers
as this will likely block normal network traffic. Is there a
setting, either within the Domain Group Policy that allows me
to differentiate between servers and desktops for firewalls,
or is there a setting within the server local security policy
or server registry that would allow me to disable that
service on the server? I am running 2003 AD,
2003 servers with latest patches, and a mixtures of XP and
2000 desktops also running latest patches.
Thanks for any help.
R
**************************************************************
*********
Confidentiality Notice: This e-mail message, including any
attachments, is for the sole use of the intended recipient(s)
and may contain confidential and privileged information. Any
unauthorized review, use, disclosure or distribution is
prohibited. If you are not the intended recipient, please
contact the sender by reply e-mail and destroy all copies of
the original message plus any attachments.
**************************************************************
*********
--------------------------------------------------------------
-------------
--------------------------------------------------------------
-------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
