Windows Firewall GPO Settings & their Registry values

In PolicySettings.xls - a spreadsheet that lists all GPO settings , some Windows Firewall settings have multiple registry value paths associated with them. In GPO Editor , when enabling these settings , a user must specify more than whether the setting is Enabled/Disabled .

Are all these registry paths required to store 1 Windows Firewall GPO Setting ? For instance::

1.For the policy setting - Windows Firewall: Allow remote administration exception; there are 2 registry values associated : HKLM\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile \\RemoteAdminSettings!Enabled, HKLM\\SOFTWARE\\Policies\\Microsoft \\WindowsFirewall\\DomainProfile\\RemoteAdminSettings!RemoteAddresses Are both neccessary for the GPO setting to be Enabled. To determine if the setting is Enabled, isn't the first 1 sufficient?

Similar case for :

Windows Firewall: Allow file and printer sharing exception

Its 2 registry values are:

1] HKLM\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile \\Services\\FileAndPrint!Enabled, 2] HKLM\\SOFTWARE\\Policies\\Microsoft \\WindowsFirewall\\DomainProfile\\Services\\FileAndPrint!RemoteAddresses

If the 1st Registry value is set to enabled, is it neccessary to check for the Address List.What will the behaviour be , if only the

1stregistry value is present?

  1. On enabling the Logging setting in gpedit.msc , 2 registry values get created - LogFileSize & LogFilePath & on disabling the setting, both registry values get deleted

If 1 registry value say LogFileSize is deleted, is Logging enabled/ disabled effectively? In GPO Editor, the setting before the value was deleted is maintained.i.e. To check if logging is enabled using a script, are the values of both registry values[LogFileSize & LogFilePath] required?

Reply to
Loading thread data ... Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.