In PolicySettings.xls - a spreadsheet that lists all GPO settings , some Windows Firewall settings have multiple registry value paths associated with them. In GPO Editor , when enabling these settings , a user must specify more than whether the setting is Enabled/Disabled .
Are all these registry paths required to store 1 Windows Firewall GPO Setting ? For instance::1.For the policy setting - Windows Firewall: Allow remote administration exception; there are 2 registry values associated : HKLM\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile \\RemoteAdminSettings!Enabled, HKLM\\SOFTWARE\\Policies\\Microsoft \\WindowsFirewall\\DomainProfile\\RemoteAdminSettings!RemoteAddresses Are both neccessary for the GPO setting to be Enabled. To determine if the setting is Enabled, isn't the first 1 sufficient?
Similar case for :
Windows Firewall: Allow file and printer sharing exception
Its 2 registry values are:1] HKLM\\SOFTWARE\\Policies\\Microsoft\\WindowsFirewall\\DomainProfile \\Services\\FileAndPrint!Enabled, 2] HKLM\\SOFTWARE\\Policies\\Microsoft \\WindowsFirewall\\DomainProfile\\Services\\FileAndPrint!RemoteAddresses
If the 1st Registry value is set to enabled, is it neccessary to check for the Address List.What will the behaviour be , if only the1stregistry value is present?
- On enabling the Logging setting in gpedit.msc , 2 registry values get created - LogFileSize & LogFilePath & on disabling the setting, both registry values get deleted
If 1 registry value say LogFileSize is deleted, is Logging enabled/ disabled effectively? In GPO Editor, the setting before the value was deleted is maintained.i.e. To check if logging is enabled using a script, are the values of both registry values[LogFileSize & LogFilePath] required?