JSI Tip 10249. How do I create a Windows NT 4.0 system policy to manage Windows Firewall in a Windows NT 4.0 domain?

Jerold Schulman

March 8, 2006


Microsoft Knowledge Base Article 897100 contains the following summary and introduction:

SUMMARY

Domain administrators typically use Group Policy to manage the Windows Firewall program that is included with Microsoft Windows XP Service Pack 2 (SP2). However, Microsoft Windows NT 4.0 does not support Group Policy. Administrators cannot manage Windows Firewall by using Group Policy in a Windows NT 4.0 domain. To resolve this issue, Microsoft provides a policy template that you can use with a Windows NT 4.0 system policy to manage Windows Firewall in a Windows NT 4.0 domain. This article discusses the following tasks:

How to create a Windows NT 4.0 system policy to manage Windows Firewall

How to replicate the new system policy from the primary domain controller (PDC) to all backup domain controllers (BDCs) in the domain

How to apply the new system policy on Windows XP SP2-based client computers


INTRODUCTION

This article discusses how to download the Windows Firewall policy template and how to create a Windows NT 4.0 system policy to manage Windows Firewall in a Windows NT 4.0 domain. The following concepts relate to these tasks:

In a Windows NT 4.0 domain, you cannot add computers to groups. You have to use one of the following methods to apply a system policy to computers:

Note The procedures in this article use the Default Computer object to apply system policy settings to all computers in the domain.

Windows Firewall has two profiles, the domain profile and the standard profile. These profiles can be managed by using system policies. In a Windows NT 4.0 domain, the computer always loads the standard profile.

Note In Windows XP SP2, the Network Location Awareness service determines whether the connection-specific Domain Name System (DNS) suffix and the primary DNS suffix match. If these suffixes match, Windows Firewall loads the domain profile. Otherwise, Windows Firewall loads the standard profile. In a Windows NT 4.0 domain, the connection-specific DNS suffix and the primary DNS suffix do not match. Therefore, Windows Firewall always loads the standard profile.

When you set exceptions in Windows Firewall, you must set the scope. The scope setting controls the IP addresses from which to accept unsolicited traffic. Each exception has its own scope setting.
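Because clients in a Windows NT 4.0 domain always load the standard profile, the scopes set on standard-profile exceptions decide who can reach those ports. The following is an added example, not part of the KB article or this tip: a review script that flags enabled port exceptions whose scope is wider than intended. It assumes definitions in the `port:transport:scope:status:name` form used by the Windows Firewall port-exception policy setting (not shown on this page), IPv4 scopes only, and constructed sample entries and threshold.

```python
import ipaddress

# Constructed sample definitions in "port:transport:scope:status:name" form.
SAMPLE_ENTRIES = [
    "445:TCP:LocalSubnet:enabled:File sharing",
    "3389:TCP:*:enabled:Remote Desktop",
    "8080:TCP:10.1.2.0/24,192.168.5.10:enabled:Intranet app",
    "161:UDP:*:disabled:SNMP",
    "5900:TCP:10.0.0.0/8:enabled:Remote admin",
]

def parse_entry(entry):
    """Split one definition; the name is last and may itself contain colons."""
    port, transport, scope, status, name = entry.split(":", 4)
    return {"port": port, "transport": transport.upper(), "scope": scope.strip(),
            "enabled": status.strip().lower() == "enabled", "name": name}

def scope_size(scope):
    """Count the IPv4 addresses in a scope list. Returns None for '*' and
    'LocalSubnet', which are keywords rather than address lists."""
    if scope == "*" or scope.lower() == "localsubnet":
        return None
    return sum(ipaddress.ip_network(item.strip(), strict=False).num_addresses
               for item in scope.split(","))

def audit(entries, max_addresses=65536):
    """Return (port, transport, name, reason) for each enabled exception that
    accepts unsolicited traffic from any source or from an oversized range.
    max_addresses is a hypothetical review threshold, not a Windows setting."""
    findings = []
    for e in map(parse_entry, entries):
        if not e["enabled"]:
            continue  # disabled definitions open nothing
        if e["scope"] == "*":
            reason = "any source"
        else:
            size = scope_size(e["scope"])
            if size is None or size <= max_addresses:
                continue  # LocalSubnet or a suitably narrow address list
            reason = f"{size} addresses"
        findings.append((e["port"], e["transport"], e["name"], reason))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_ENTRIES):
        print(*finding, sep="  ")
```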


