KB ID 0001090
Problem
I’ve got nothing against the Windows firewall, it’s certainly a lot easier to manage now than it was back in the XP SP2 days. But I find a lot of clients still just ‘want it gone’ and, providing they have a decent corporate firewall in front of them that’s fair enough.
Solution
1. On a domain controller or a client running the remote administration tools > Windows Key+R > gpmc.msc {Enter} > The Group Policy Management Console will open.
2. Select the OU that contains the ‘Computers’ you want to enforce this policy on, (or here I’m choosing the entire domain) > Right Click > ‘Create GPO in this domain, and link it here..’.
3. Give the policy a sensible name so you can see what it is doing later.
4. Right click your new policy > Edit.
5. Navigate to;
Computer Configuration > Policies > Administrative Templates > Network > Network connections > Windows Firewall > Domain Profile > Windows Firewall: Protect all network connections
6. Set the policy to disabled.
7. Close the Group Policy Management Editor. If you have a Windows 2012 domain you can force the policy refresh on a particular OU like so.
9. Or simply run gpupdate /force on the target machine, (or you could also wait a couple of hours, or reboot the target machines).
SBS Note
An (SBS) Small Business Server domain enables the client firewall by default! The policy us called Windows Firewall Policy, which is usually linked to the computer OU under ‘My Business’.
Related Articles, References, Credits, or External Links
Windows – Open a Firewall Port with Group Policy
