Archived from groups: microsoft.public.windowsxp.security_admin (
More info?)
Why not instead create port rules or application exceptions so that the student
applications run while the firewall is enabled? I would think that's better
than switching off the firewall completely.
Steve Riley
steriley@microsoft.com
> Even easier, just create a separate GP and OU for those users in AD,
> where the firewall is off - when they logon, the firewall will be off,
> when anyone else logs on the firewall is on. If you have AD and the
> domain setup correctly, AD will apply the GP based on the user's GP
> policy in the OU they belong.
>
> "Desmond Lee" <mcp@donotspamplease.mars> wrote in message
> news:8C0943D3-E54E-48EB-B7ED-643732860190@microsoft.com...
>
>> Put the machines in their own OU and configure GPO to disable XP's
>> Windows Firewall when they are in the AD domain.
>>
>> Run GPMC from a Win XP SP2 machine or copy System.adm template to a
>> DC (typically the PDC - Win 200x).
>>
>> Set GPO at:
>>
>> Computer Configuration > Administrative Templates > Network > Network
>> Connections > Windows Firewall > Domain Profile > Windows Firewall:
>>
> Protect
>
>> all network connections = Disabled.
>>
>> Alternatively, disable the Windows Firewall Service altogether via
>> GPO.
>>
>> Do let us know if this helps. Thanks!
>>
>> "Milos Puchta" wrote:
>>
>>> Hi to All,
>>>
>>> I am very curious if there is any easy way how to solve the
>>> following: There is a need to switch of the firewall function in
>>> Windows XP for
>>>
> some
>
>>> students/workstations. They are developing some applications that
>>> communicate among various ports.
>>> Is there any way how to achieve it without giving the admin rights?
>>> PC are members of Active Directory.
>>> Regards,
>>> Milos