Which Registry Values store these Windows Firewall GPO settings......

Giganews Newsgroups
Subject: Which Registry Values store these Windows Firewall GPO settings......
Posted by:  gayle (gayle.ribei…@gmail.com)
Date: Sun, 19 Aug 2007

In PolicySettings.xls - a spreadsheet that lists all GPO settings ,
some settings have multiple registry value paths associated with them.
In GPO Editor , when enabling these settings , a user must specify
more than whether the setting is Enabled/Disabled .

Are all these registry paths required to store 1 Windows Firewall GPO
Setting ? For instance::

1.For the policy setting - Windows Firewall: Allow remote
administration exception;
there are 2 registry values associated :
HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
\RemoteAdminSettings!Enabled, HKLM\SOFTWARE\Policies\Microsoft
\WindowsFirewall\DomainProfile\RemoteAdminSettings!RemoteAddresses
Are both neccessary for the GPO setting to be Enabled. To determine
if the setting is Enabled, isn't the first 1 sufficient?

Similar case for :

Windows Firewall: Allow file and printer sharing exception

Its 2 registry values are:
1] HKLM\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile
\Services\FileAndPrint!Enabled, 2] HKLM\SOFTWARE\Policies\Microsoft
\WindowsFirewall\DomainProfile\Services\FileAndPrint!RemoteAddresses

If the 1st Registry value is set to enabled, is it neccessary to check
for the Address List.What will the behaviour be , if only the
1stregistry value is present?

2. On enabling the Logging setting in gpedit.msc , 2 registry values
get created - LogFileSize & LogFilePath & on disabling the setting,
both registry values get deleted

If 1 registry value say LogFileSize is deleted, is Logging enabled/
disabled effectively? In GPO Editor,  the setting before the value was
deleted is maintained.i.e. To check if logging is enabled using a
script, are the values of both registry values[LogFileSize &
LogFilePath] required?

Replies