In
PolicySettings.xls - a spreadsheet that lists all GPO settings available at
http://www.microsoft.com/downloads/d...displaylang=en, some
settings have multiple registry value paths associated with them.
[In GPO Editor , when enabling the settings listed below, a user must specify more than whether the setting is Enabled/Disabled ]
Are all these registry values required to store each Windows Firewall GPO Setting ? For instance::
1.For the policy setting -
Windows Firewall: Allow remote administration exception;
there are 2 registry values associated :
1] HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\D omainProfile\RemoteAdminSettings!Enabled,
2] HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\D omainProfile\RemoteAdminSettings!RemoteAddresses
Are both neccessary for the GPO setting to be Enabled. To determine if the setting is Enabled,
isn't the first 1 sufficient?
Similar case for :
Windows Firewall: Allow file and printer sharing exception
Its 2 registry values are:
1] HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\D omainProfile\Services\FileAndPrint!Enabled,
2] HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\D omainProfile\Services\FileAndPrint!RemoteAddresses
If the 1st Registry value is set to enabled, is it neccessary to check for the Address List.
What will the behaviour be , if only the 1st registry value is present?
2. On enabling the Logging setting in gpedit.msc , 2 registry values get created - LogFileSize & LogFilePath & on disabling the setting, both registry values get deleted
If 1 registry value say LogFileSize is deleted, is Logging enabled/disabled effectively? In GPO Editor, the setting before the value was deleted is maintained.i.e. To check if logging is enabled using a script, are the values of both registry values[LogFileSize & LogFilePath] required?
Few GPO Windows Firewall Settings that have 2 registry values associated with them
Linear Mode
