J
Jonathan M. Martinez
I've come across an issue that always comes up with group policy and its caused by missing Windows updates. I wanted to post this here as I have never found a solution to the issue in any forums.
When you see a domain joined workstation with firewall rules having "@firewall.dll,-9XXXX" in any fields in the "Windows Firewall with Advanced Security" console. This can be caused by missing windows patches.
This prevents the rules from merging as the names don't match the local rules. This can prevent GP rules from applying because there is a disabled duplicate rule on the local firewall rules.
This can also be caused by corruption in the rules or antivirus.
If you created firewall rules in GP before your Windows Updates, you may have to recreate the rules to ensure they merge correctly.
Jonathan Martinez
Continue reading...
When you see a domain joined workstation with firewall rules having "@firewall.dll,-9XXXX" in any fields in the "Windows Firewall with Advanced Security" console. This can be caused by missing windows patches.
This prevents the rules from merging as the names don't match the local rules. This can prevent GP rules from applying because there is a disabled duplicate rule on the local firewall rules.
This can also be caused by corruption in the rules or antivirus.
If you created firewall rules in GP before your Windows Updates, you may have to recreate the rules to ensure they merge correctly.
Jonathan Martinez
Continue reading...