We need Windows7 with windows firewall to be turned off , so the GOLD image has windows firewall turned off for all profiles(Domain,Public,Standard) and Windows Service disabled
No the same GOLD image deployed with MDT (Apply local GPO) has enabled Windows Firewall under "Windows Firewall with Advanced Security" as part of task sequence
Now we need to remove it.
"These machines are now on Domain where in we have no rights/control on the domain level GPO", we have local admi rights on these machines
We have a requirement do set the "Windows Firewall with Advanced Security" to "NOT Configured" or "OFF "on these machines
In gpedit.msc if we manually go to "Windows Firewall with Advanced Security" after enabling Windows Firewall Services
then can Clear the settings
Do do the same manually on all machines is extra effort
Changing values in registry will get reverted on machine restart as its getting applied from local GPO
Also using GPMC can connect to remote computer and can manually or using wfw file we can make it not configured
but we are looking for a script or a less effort method to accomplish this
Please suggest
NB:
CIA has already reported similar issue//How do I turn off Windows 7 Firewall via script or through automation?// , but doing netsh advfirewall set allprofiles state off on already deployed machines did not make change (FW service on all machine is disabled in GOLd image)//
Thanks and Regards
Jose
Best Answer
The issue was fixed by removing the Registry.pol file from---
C:\Windows\system32\GroupPolicy\Machine
On removing this file and a restart (not always needed) removed the local policy set my MDT Under “Windows Firewall with Advanced Security" and made it as not configured
May be we can just edit th Firewall part alone from Rgistry.pol file using some special tools as direct editing the file in a normal editor like notepad causes corruption to the file.
Thanks and Regards JoBo