Gunther Schlegel
2004-Sep-07 09:56 UTC
[Samba] XP SP2 firewall does not activate domain profile
Hi,
MS released the wfnt.adm policy template file to create NT4 system
policies that configure the firewall.
The XP SP2 firewall offers two profiles:
- "Domain profile" is used when the computer is connected to a managed
network
- "Standard profile" is used otherwise
In our totally Samba 3.0.6 based setup the XP SP2 firewall does not
recognize to be on the managed network, instead it always activates the
standard profile.
According to MS Documentation (CableGuy column May 2004) the firewall
decides based on the DNS name of the last domain it received a group
policy from. This name is compared to the DNS name of the network
connection and the domain profile of the firewall should be activated if
both values match.
As NT4 / Samba3 does not support Group Policies there is probably no
"Last group policy DNS domain name". ( At least gpresult gives
"not
applicable" ).
However there must be some way for the firewall to decide -- otherwise
the release of a policy file by MS would be quiet useless.
Does anyone use wfnt.adm with success?
regards, Gunther
--
Gunther Schlegel Riege Software International GmbH
Manager System Administration Mollsfeld 10
40670 Meerbusch, Germany
Email: schlegel@riege.com Phone: +49-2159-9148-0
Fax: +49-2159-9148-11
---------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20040907/c80cc061/attachment.bin