Vista - Disable Windows Firewall when first joining Vista to an Ad domain

I have seen a few post related to this. Vista's firewall really locks
things down, so much so that very little connectivity is allowed, even
trusted. Since there are no GPOs for Vista yet AFAIK, ther eis know way to
tweak the settings via Group Policy. To rejoin my Vista box to my Windows
2003 R2 domain, I had to disable the Windows Firewall, run "gpupdate /sync"
to resync the machine to to the domain, then add polcies to allow all
inbound and outbound for my defined AD LAN(s), then re-enable the firewall.

IMHO, the fact that the firewall is so restrictive will increase time/costs
for business deployment. I suppose this is the tradeoff since past releases
of Windows were to easily exploited out of the box.

--
Edward Ray
CCIE Security, CISSP, GCIA Gold, GCIH Gold, MCSE+Security, PE

This fixed my issue. Now able to log on to 2003 domain

Thanks for posting this!

"Edward Ray" wrote:

> I have seen a few post related to this. Vista's firewall really locks
> things down, so much so that very little connectivity is allowed, even
> trusted. Since there are no GPOs for Vista yet AFAIK, ther eis know way to
> tweak the settings via Group Policy. To rejoin my Vista box to my Windows
> 2003 R2 domain, I had to disable the Windows Firewall, run "gpupdate /sync"
> to resync the machine to to the domain, then add polcies to allow all
> inbound and outbound for my defined AD LAN(s), then re-enable the firewall.
>
> IMHO, the fact that the firewall is so restrictive will increase time/costs
> for business deployment. I suppose this is the tradeoff since past releases
> of Windows were to easily exploited out of the box.
>
> --
> Edward Ray
> CCIE Security, CISSP, GCIA Gold, GCIH Gold, MCSE+Security, PE
>

See here
http://www.microsoft.com/technet/win...b090dc4fd.mspx

"Andy Paul" <AndyPaul@discussions.microsoft.com> wrote in message
news7894DFC-C539-43C6-987D-2C07AA7ED5EA@microsoft.com...
> This fixed my issue. Now able to log on to 2003 domain
>
> Thanks for posting this!
>
> "Edward Ray" wrote:
>
>> I have seen a few post related to this. Vista's firewall really locks
>> things down, so much so that very little connectivity is allowed, even
>> trusted. Since there are no GPOs for Vista yet AFAIK, ther eis know way
>> to
>> tweak the settings via Group Policy. To rejoin my Vista box to my
>> Windows
>> 2003 R2 domain, I had to disable the Windows Firewall, run "gpupdate
>> /sync"
>> to resync the machine to to the domain, then add polcies to allow all
>> inbound and outbound for my defined AD LAN(s), then re-enable the
>> firewall.
>>
>> IMHO, the fact that the firewall is so restrictive will increase
>> time/costs
>> for business deployment. I suppose this is the tradeoff since past
>> releases
>> of Windows were to easily exploited out of the box.
>>
>> --
>> Edward Ray
>> CCIE Security, CISSP, GCIA Gold, GCIH Gold, MCSE+Security, PE
>>