XP SP2 Firewall program exceptions

G

Guest

Hello,
I have applied group policy settings to allow certain program
exceptions everything is working fine except a couple of machines . They do
not seem to get the exception list if i rebbot a couple of times they
eventually get it any ideas why they are not getting the exceptions
everytime. I did not see any errors in event viewer.

thanks,
John
 
M

Mark Renoden [MSFT]

Hi John

You could take a

gpresult /z

from the client when it succeeds and when it fails and compare. It's
possible you're running into an issue where XP is allowing you to log on
before the network is ready (this is the default in Windows XP). If you
allow the client to sit for some time before logging on, does it appear to
succeed?

You can configure XP to wait for the network before presenting the logon
dialog. This is done in group policy under Computer configuration ->
Administrative Templates -> System -> Logon -> Always wait for the network
at computer startup and logon.

Ultimately you can gather a user environment debug log to see what's going
on. Beware the logs are fairly low level:

221833 How to enable user environment debug logging in retail builds of
Windows
http://support.microsoft.com/?id=221833

HTH
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: (e-mail address removed)

Please note you'll need to strip ".online" from my email address to email
me; I'll post a response back to the group.

This posting is provided "AS IS" with no warranties, and confers no rights.
 
G

Guest

Mark,
I already have wait for network enabled. Could it be anything else ?

John

Mark Renoden said:
Hi John

You could take a

gpresult /z

from the client when it succeeds and when it fails and compare. It's
possible you're running into an issue where XP is allowing you to log on
before the network is ready (this is the default in Windows XP). If you
allow the client to sit for some time before logging on, does it appear to
succeed?

You can configure XP to wait for the network before presenting the logon
dialog. This is done in group policy under Computer configuration ->
Administrative Templates -> System -> Logon -> Always wait for the network
at computer startup and logon.

Ultimately you can gather a user environment debug log to see what's going
on. Beware the logs are fairly low level:

221833 How to enable user environment debug logging in retail builds of
Windows
http://support.microsoft.com/?id=221833

HTH
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: (e-mail address removed)

Please note you'll need to strip ".online" from my email address to email
me; I'll post a response back to the group.

This posting is provided "AS IS" with no warranties, and confers no rights.

JOhn said:
Hello,
I have applied group policy settings to allow certain program
exceptions everything is working fine except a couple of machines . They
do
not seem to get the exception list if i rebbot a couple of times they
eventually get it any ideas why they are not getting the exceptions
everytime. I did not see any errors in event viewer.

thanks,
John
Click to expand...
Click to expand...
 
M

Mark Renoden [MSFT]

Hi John

I could be any number of things. The logging is the best bet.

HTH
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: (e-mail address removed)

Please note you'll need to strip ".online" from my email address to email
me; I'll post a response back to the group.

This posting is provided "AS IS" with no warranties, and confers no rights.

JOhn said:
Mark,
I already have wait for network enabled. Could it be anything else ?

John

Mark Renoden said:
Hi John

You could take a

gpresult /z

from the client when it succeeds and when it fails and compare. It's
possible you're running into an issue where XP is allowing you to log on
before the network is ready (this is the default in Windows XP). If you
allow the client to sit for some time before logging on, does it appear
to
succeed?

You can configure XP to wait for the network before presenting the logon
dialog. This is done in group policy under Computer configuration ->
Administrative Templates -> System -> Logon -> Always wait for the
network
at computer startup and logon.

Ultimately you can gather a user environment debug log to see what's
going
on. Beware the logs are fairly low level:

221833 How to enable user environment debug logging in retail builds of
Windows
http://support.microsoft.com/?id=221833

HTH
--
Mark Renoden [MSFT]
Windows Platform Support Team
Email: (e-mail address removed)

Please note you'll need to strip ".online" from my email address to email
me; I'll post a response back to the group.

This posting is provided "AS IS" with no warranties, and confers no
rights.

JOhn said:
Hello,
I have applied group policy settings to allow certain program
exceptions everything is working fine except a couple of machines .
They
do
not seem to get the exception list if i rebbot a couple of times they
eventually get it any ideas why they are not getting the exceptions
everytime. I did not see any errors in event viewer.

thanks,
John
Click to expand...
Click to expand...
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Firewall not using domain profile 4
Windows XP SP2 firewall port exceptions via Group Policy failing 4
Managing Group Policy on XP SP2 14
XP Firewall Issue - Domain 1
XPSP2 Windows Firewall Group Policy not being applied 12
Firewall settings not taking. 1
Enabling File and Print Sharing via Group Policy 2
Windows Firewall (WindowsXP SP2) 3

Top