Archived from groups: microsoft.public.win2000.group_policy (
More info?)
Thanks for fast information replay and help !
"Mark Williams [MSFT]" wrote:
> Hi,
>
> I assume you have installed the W2K fixes that allow your domain controller
> to load the XP SP2 .adm files without the error messages. The good news is
> that this fixes the appropriate bug in W2K. However, some of the new policy
> settings (the ones you have mentioned, plus some for Internet Explorer) use
> the LISTBOX ADDITIVE statement in their definition which are not associated
> with "version 5" within the .adm file (for those of you familiar with that
> syntax). Without going into the gory details (we plan a KB article to do
> just that!!), this was the underlying issue we needed to fix. We were able
> to do this "in full" for both XP and Windows Server 2003 (both fix the error
> messages and make the LISTBOX ADDITIVE policy settings manageable from
> GPEdit). However, for Windows 2000 we were able to fix the error messages
> but this platform does not support management of the LISTBOX ADDITIVE policy
> settings.
>
> The net result of all this is as you state - these policy settings can be
> edited from GPEdit running on Windows Server 2003 or Windows XP, but not
> from Windows 2000. Just to avoid any possible confusion that does NOT mean
> that there any issues managing XP SP2 clients (which support these Windows
> Firewall policy settings) in a Windows 2000 domain - that works just fine.
> It's the EDITING of the GPOs where you can't use Windows 2000. Our
> recommendation remains to manage GPOs from an administrative workstation,
> rather than from the server.
>
> I hope that helps.
>
> --
> Mark Williams
> Program Manager, Group Policy
>
http://www.microsoft.com/technet/grouppolicy
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
> "nikl" <nikl@discussions.microsoft.com> wrote in message
> news:E9446053-6AEE-40AF-9548-B7267CB96F50@microsoft.com...
> > The new group policy adm files from XPSP2 imported to 2000 server gpo. Got
> > one minor problem, It seems all registry settings are avaible exept two of
> > them.
> >
> > Computer Configuration\Administrative Templates\Network\Network
> > Connections\Windows Firewall\Domain Profile\Windows Firewall: Define
> > program
> > exceptions and Windows Firewall: Define port exceptions
> >
> > I can't manage them or see them when running from server (gpo edit),
> > however
> > running from a client (XPSP2) via mmc it works.
> >
> > Are this only edit able from XPSP2 ?
>
>
>