E
eckermike
I am working on turning on the domain profile for Windows 10 via gpo. We have a relatively large environment and this has not been turned on for the domain profile in the past. So the current plan is turn on the Firewall with Policy and create an Any/Any rule for inbound connections and then use the event log/firewall log to assist in creating exception rules and then turning the block inbound connections option on.
The problem I am currently having is that when I configure the policy via the windows settings in a GPO I am not getting the expected behavior regarding the windows\system32\logfiles\firewall log. The firewall folder and pfirewall.log(defaults from MS) are not being created. If I configure the same settings on the local machine the files are created. I have verified the Firewall Service Account has the correct permissions.
In win7 and win10 the policy sets the registry settings under HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging are configured as the policy is set.
However, in win7 the keys under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging match those configurations. In Win10 they do not. So my guess is MS has updated the policy reg key for win10 but not updated the admx for it. Is it possible to see what keys under software\policies the firewall service is looking for on Windows 10 somehow?
Continue reading...
The problem I am currently having is that when I configure the policy via the windows settings in a GPO I am not getting the expected behavior regarding the windows\system32\logfiles\firewall log. The firewall folder and pfirewall.log(defaults from MS) are not being created. If I configure the same settings on the local machine the files are created. I have verified the Firewall Service Account has the correct permissions.
In win7 and win10 the policy sets the registry settings under HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Logging are configured as the policy is set.
However, in win7 the keys under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging match those configurations. In Win10 they do not. So my guess is MS has updated the policy reg key for win10 but not updated the admx for it. Is it possible to see what keys under software\policies the firewall service is looking for on Windows 10 somehow?
Continue reading...