NetPIP said:
When we enable Windows Firewall on PC connected to our NT 4.0 domain, it uses
the non-domain settings. How does Windows Firewall determine if it is
connected to a domain? We have tested this on 5 different PC's with the same
results. We are using WINS and DNS (running on NT4 servers).
Hi
The domain profile is only activated if you run a Active Directory
domain.
Here is how the SP2 firewall determines if it is to activate
the domain or standard profile:
If last-received Group Policy update DNS name match any of the
connection-specific DNS suffixes of the currently connected
connections (not PPP or SLIP-based) on the computer the FW's
domain settings will be used. There is no way to change this
behavior.
From
The Cable Guy - May 2004
Network Determination Behavior for Network-Related Group Policy Settings
http://www.microsoft.com/technet/community/columns/cableguy/cg0504.mspx
<quote>
To apply this behavior to Windows Firewall settings:
() If the connection-specific DNS suffix of a currently connected
connection on the computer that is not PPP or SLIP-based (such as
an Ethernet or 802.11 wireless network adapter) matches the value
of the
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Group
Policy\History\NetworkName registry entry, Windows Firewall uses
the domain profile.
() If the connection-specific DNS suffix of a currently connected
connection on the computer that is not PPP or SLIP-based does not
match the value of the
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Group
Policy\History\NetworkName registry entry, Windows Firewall uses
the standard profile.
You can determine the connection-specific DNS suffixes of the
currently connected connections on the computer from the display
of the ipconfig command issued from a command prompt.
</quote>
Read the Cable Guy article for more about this.
