Windows XP SP3 Enables The Firewall even If you have it disabled as a Group Policy! Quick Fix!
So after installing Windows XP SP3 this morning, I noticed that the Windows Firewall popped up on restart asking me if I wanted to allow my VNC server access to the internet, then my instant messenger. WTF?

I hate the Windows Firewall. You can see my feelings illustrated by the picture at the top of this post. I have a domain group policy in place – explicitly disabling the service via a few options. That didn’t stop them from re-enabling it.
After closer inspection I discovered M$ has renamed the Firewall service’s name to be “SharedAccess” and this breaks some stuff. (I am sure they did it intentionally for the malware authors of the world!)
Since we do not use the Windows Firewall in my domain it is NOT configured – so when it automagically pops on – SHIT DON’T WORK FOR THE GOOD OLD END USERS!
After querying my machine for services using this command:
I got a full listing of my services and after scrolling down I found this:
Now I needed a quick workaround for my SP3 test group. I created a line in my default user login script:
And that shut it down! Thanks for letting me know, M$; as always, I appreciate the curve ball. I know you’re just keeping us admins on our toes!
On some happier notes, I am seeing some other great results with memory allocation and overall speediness. I am digging the updated MSTSC remote desktop client as well.
_TheNotSoBetaTestingAdmiN_




April 29, 2008 - 5:03 pm
You're right. Windows firewall is dreadful. I installed SP3 Final tonight (after un-installing RC1) and it DID NOT turn my firewall on – and it was off beforehand as I have third party cover. Strange…..
April 29, 2008 - 6:11 pm
Very.
All 4 of my SP machines did it. 3 normal upgrades and one clean install with SP3 slipstreamed.
Anyone else??
April 29, 2008 - 6:41 pm
Office machine went great! About to do my home machine.
April 30, 2008 - 4:09 am
I'll make sure I do this when I get to install SP3 :) Thanks man. Great tip.
April 30, 2008 - 6:35 am
I had the same issue and was able to manually disable it through services.msc on reboot. Only one of 8 machines I did had this issue. Anyone know why?
April 30, 2008 - 9:51 am
We did not run into this at my place yet. I have installed it on only 2 PCs so far. I have a GPO that disables the firewall. Both stayed off on reboot.
April 30, 2008 - 10:33 am
How did you have it disabled? I have been getting mixed reactions today – I wonder if it is which options you use to disable it.
Thanks!
April 30, 2008 - 11:15 am
I have it disabled in a few places.
1) Computer => Windows Settings => Security Settings => System Services => Windows Firewall/Internet Connection Sharing (ICS) (Startup Mode: Disabled)
2) Computer Config => Administrative Template => Network / Network Connections => Prohibit use of Internet Connection Firewall on your DNS domain network: Enabled
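A read-only check of the service and policy settings listed in the comment above, as an added example that is not part of the original post or its comments. It assumes Windows PowerShell 2.0 is installed on the XP machine; the registry path and value name for the "Prohibit use" setting are assumptions, so the script reports the raw value without interpreting it.

```powershell
# Added example (not from the post): read-only audit, changes nothing.
$serviceName = 'SharedAccess'   # service name given in the post

# Assumed registry location of the "Prohibit use of Internet Connection
# Firewall on your DNS domain network" setting; only the raw value is shown.
$policyPath = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\Network Connections'
$policyName = 'NC_PersonalFirewallConfig'

function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { return $item.$Name }
    return '(not configured)'
}

$svc = Get-WmiObject -Class Win32_Service -Filter "Name='$serviceName'"
if (-not $svc) {
    Write-Output "Service '$serviceName' not found on $env:COMPUTERNAME."
    return
}

# StartMode is what the System Services policy setting controls;
# State is what the machine is actually doing right now.
if ($svc.StartMode -ne 'Disabled') {
    $verdict = "Startup mode is '$($svc.StartMode)': a Disabled setting is not in effect."
} elseif ($svc.State -ne 'Stopped') {
    $verdict = "Startup mode is Disabled but the service is '$($svc.State)'."
} else {
    $verdict = 'Service is disabled and stopped.'
}

New-Object PSObject -Property @{
    Computer    = $env:COMPUTERNAME
    DisplayName = $svc.DisplayName
    StartMode   = $svc.StartMode
    State       = $svc.State
    PolicyValue = Get-PolicyValue $policyPath $policyName
    Verdict     = $verdict
} | Format-List
```

Running it before and after the SP3 reboot on a test machine shows whether the service's startup mode or only its running state changed.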
April 30, 2008 - 11:30 am
I had the second one in my Group Policy and I had defined the actual Windows Firewall service to be disabled via:
Computer Configuration— Windows Settings —- System Services it was disabled.
I did not have the first one. I will add this to my G and try deploying again! Thanks Rever75 - how has your testing been going?
May 1, 2008 - 11:16 am
So far testing is going pretty smoothly. I am running SP3 on 2 test networks. One in a VM network, another in our Testing Lab. We have a few in-house apps I need to test a bit more but I am not too familiar with them. Waiting on someone from that dept. If all goes well, when MS release it I will deploy via WSUS.
May 20, 2008 - 5:33 pm
This article is rubbish.
SharedAccess has always been the name of "Windows firewall" and after every SP upgrade we have had the same issue. That looks pretty much like designed. Seems like people have forgotten how the service packs work.
You don't need to play with the "service controller" as advised here.
Open the GPMC (Group Policy Management Console)
Click on Start> Run>
Type in GPEDIT.MSC and click on OK.
The Windows policy that allows you to disable the Internet Connection Firewall for all users including administrators is at the following location in the Windows policy tree:
Local Computer Policy/Computer Configuration/Administrative Templates/Network/Network Connections
On the right hand side, you will see "Prohibit use of Internet Connection Firewall on your DNS Domain." That's where you get to play with it and then of course run GPUPDATE /FORCE
May 20, 2008 - 5:53 pm
Thanks for your outspoken input Sandeep always appreciated :)
April 9, 2009 - 3:28 am
Hello, I’m one year behind, but I have yet to be able to solve this problem.
I tried what Sandeep said, but the Firewall still turns itself on upon every reboot.
Or rather I have no idea what to set up in Local Computer Policy/Computer Configuration/Administrative Templates/Network/Network Connections.
Please advise.