GPO Backup Settings .... Can you "sneak in" new Firewall Rules?

Share
Viewing 1 reply thread
  • Author
    Posts
    • #1555444
      Rich Chalifoux
      Participant
      Post count: 1
      Member Points: 61
      Rank: Level 1

      Hi Everyone,

      Newbie in terms of Blogs and Community postings so no clue on proper etiquette and actually not sure if this question belongs here. But here goes…

      I have a GPO which holds hundreds of Inbound firewall rules that requires us to add/remove program executables routinely.  I had attempted to use Powershell to import the “gpreport.xml”of that GPO’s backup. Position myself over the XML location of those nodes, clone the first one, and then fill the section with the elements of each new rule from a CSV. I assumed as long as the XML formatting was correct, and in the right place, the new GPO settings would be consumed via “import/restore of same GPO without complaint from the same.  I thought that I was being clever… kinda like when a mother hides the mashed carrots on the baby’s spoon under the applesauce 🙂  But it didn’t work 🙁 though the GPO import completed successfully but without the new rules.   Have I broken any GPO rules to anybody’s knowledge, or could it be something simpler, such as casing for example. Example of two rules below.

      <q1:InboundFirewallRules>
      <q1:Version>2.27</q1:Version>
      <q1:Action>Allow</q1:Action>
      <q1:Name>LIVE6_Softlab-7z.exe</q1:Name>
      <q1:Dir>In</q1:Dir>
      <q1:App>C:\SCC\Pre-deployed\scclis_8080\LIFES\LIVE6\CSFSetup\7z.exe</q1:App>
      <q1:Active>true</q1:Active>
      </q1:InboundFirewallRules>
      <q1:InboundFirewallRules>
      <q1:Version>2.27</q1:Version>
      <q1:Action>Allow</q1:Action>
      <q1:Name>LIVE6_Softlab-ar_startsrvapp.exe</q1:Name>
      <q1:Dir>In</q1:Dir>
      <q1:App>C:\SCC\Pre-deployed\PRIMARY_0\LIFES\LIVE6\SoftAR\ar_startsrvapp.exe</q1:App>
      <q1:Active>true</q1:Active>
      </q1:InboundFirewallRules>

       

      0
    • #1555527
      Leos Marek
      Moderator
      Post count: 167
      Member Points: 8,544
      Rank: Level 3

      Hi Rich,

      could you give the exact commands you used? I will try to check tomorrow what is possible.

      Cheers

      0
Viewing 1 reply thread
  • You must be logged in to reply to this topic.
© 4sysops 2006 - 2020

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account