Group Policy Management
body { font-size:68%;font-family:MS Shell Dlg; margin:0px,0px,0px,0px; border: 1px solid #666666; background:#F6F6F6; width:100%; word-break:normal; word-wrap:break-word; } .head { font-weight:bold; font-size:160%; font-family:MS Shell Dlg; width:100%; color:#6587DC; background:#E3EAF9; border:1px solid #5582D2; padding-left:8px; height:24px; } .path { margin-left: 10px; margin-top: 10px; margin-bottom:5px;width:100%; } .info { padding-left:10px;width:100%; } table { font-size:100%; width:100%; border:1px solid #999999; } th { border-bottom:1px solid #999999; text-align:left; padding-left:10px; height:24px; } td { background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; } .btn { width:100%; text-align:right; margin-top:16px; } .hdr { font-weight:bold; border:1px solid #999999; text-align:left; padding-top: 4px; padding-left:10px; height:24px; margin-bottom:-1px; width:100%; } .bdy { width:100%; height:182px; display:block; overflow:scroll; z-index:2; background:#FFFFFF; padding-left:10px; padding-bottom:10px; padding-top:10px; border:1px solid #999999; } button { width:6.9em; height:2.1em; font-size:100%; font-family:MS Shell Dlg; margin-right:15px; } @media print { .bdy { display:block; overflow:visible; } button { display:none; } .head { color:#000000; background:#FFFFFF; border:1px solid #000000; } }
Setting Path:
Explanation
No explanation is available for this setting.
Supported On:
Not available
Testing Windows XP SP2 Open Ports
Data collected on: 8/25/2004 2:38:50 PM
General
Details
Domainiowa.uiowa.edu
OwnerIOWA\newton
Created8/20/2004 11:50:58 AM
Modified8/25/2004 2:38:40 PM
User Revisions0 (AD), 0 (sysvol)
Computer Revisions17 (AD), 17 (sysvol)
Unique ID{F161417E-76F2-4E66-9B5E-C642A1244467}
GPO StatusEnabled
Links
LocationEnforcedLink StatusPath
TestNoEnablediowa.uiowa.edu/ITS/SPA/ECM/WS/Test

This list only includes links in the domain of the GPO.
Security Filtering
The settings in this GPO can only apply to the following groups, users, and computers:
Name
NT AUTHORITY\Authenticated Users
WMI Filtering
WMI Filter NameNone
DescriptionNot applicable
Delegation
These groups and users have the specified permission for this GPO
NameAllowed PermissionsInherited
IOWA\Domain AdminsEdit settings, delete, modify securityNo
IOWA\echambEdit settings, delete, modify securityNo
IOWA\newtonEdit settings, delete, modify securityNo
NT AUTHORITY\Authenticated UsersRead (from Security Filtering)No
NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERSReadNo
NT AUTHORITY\SYSTEMEdit settings, delete, modify securityNo
UIOWA\Enterprise AdminsEdit settings, delete, modify securityNo
Computer Configuration (Enabled)
Administrative Templates
Network/Network Connections/Windows Firewall/Domain Profile
PolicySetting
Windows Firewall: Allow file and printer sharing exceptionEnabled
Allow unsolicited incoming messages from:128.255.0.0/16
Syntax:
Type "*" to allow messages from any network, or
else type a comma-separated list that contains
any number or combination of these:
IP addresses, such as 10.0.0.1
Subnet descriptions, such as 10.2.3.0/24
The string "localsubnet"
Example: to allow messages from 10.0.0.1,
10.0.0.2, and from any system on the
local subnet or on the 10.3.4.x subnet,
type the following:
10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24
PolicySetting
Windows Firewall: Allow ICMP exceptionsEnabled
Allow outbound destination unreachableDisabled
Allow outbound source quenchDisabled
Allow redirectDisabled
Allow inbound echo requestEnabled
Allow inbound router requestDisabled
Allow outbound time exceededDisabled
Allow outbound parameter problemDisabled
Allow inbound timestamp requestDisabled
Allow inbound mask requestDisabled
Allow outbound packet too bigDisabled
PolicySetting
Windows Firewall: Allow local port exceptionsEnabled
Windows Firewall: Allow local program exceptionsEnabled
Windows Firewall: Allow loggingEnabled
Log dropped packetsDisabled
Log successful connectionsDisabled
Log file path and name:c:\windows\pfirewall.log
Size limit (KB):4096
PolicySetting
Windows Firewall: Allow remote administration exceptionEnabled
Allow unsolicited incoming messages from:128.255.0.0/16
Syntax:
Type "*" to allow messages from any network, or
else type a comma-separated list that contains
any number or combination of these:
IP addresses, such as 10.0.0.1
Subnet descriptions, such as 10.2.3.0/24
The string "localsubnet"
Example: to allow messages from 10.0.0.1,
10.0.0.2, and from any system on the
local subnet or on the 10.3.4.x subnet,
type the following:
10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24
PolicySetting
Windows Firewall: Allow Remote Desktop exceptionEnabled
Allow unsolicited incoming messages from:*
Syntax:
Type "*" to allow messages from any network, or
else type a comma-separated list that contains
any number or combination of these:
IP addresses, such as 10.0.0.1
Subnet descriptions, such as 10.2.3.0/24
The string "localsubnet"
Example: to allow messages from 10.0.0.1,
10.0.0.2, and from any system on the
local subnet or on the 10.3.4.x subnet,
type the following:
10.0.0.1,10.0.0.2,localsubnet,10.3.4.0/24
PolicySetting
Windows Firewall: Prohibit notificationsDisabled
Windows Firewall: Prohibit unicast response to multicast or broadcast requestsDisabled
Windows Firewall: Protect all network connectionsEnabled
Network/Network Connections/Windows Firewall/Standard Profile
PolicySetting
Windows Firewall: Do not allow exceptionsEnabled
Windows Firewall: Protect all network connectionsEnabled
Extra Registry Settings
Display names for some settings cannot be found. You might be able to resolve this issue by updating the .ADM files used by Group Policy Management.

SettingState
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\Enabled1
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List\2701:TCP:*:enabled:Remote Tools2701:TCP:*:enabled:Remote Tools
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List\2702:TCP:*:enabled:Remote Control2702:TCP:*:enabled:Remote Control
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List\2703:TCP:*:enabled:Chat2703:TCP:*:enabled:Chat
SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List\2704:TCP:*:enabled:File Transfer2704:TCP:*:enabled:File Transfer
User Configuration (Enabled)
No settings defined.