I've noticed, while rolling out our monitoring package, that across a lot of sites Vista doesn't seem to play nicely with 2003 server when it comes to group policies for firewalls.
The monitoring app requires that there is a firewall exception for Remote Administration. No probs, create a group policy to enable this and push it out. Now, about 80% of the time, this works fine. Vista rolls over and sometime later the machine shows up on the monitoring package. However, in around 20% of the roll-outs, Vista adds an exception, which appears as ticked and enabled and set by a group policy, but also leaves the original 'local' entry for Remote Administration, which is unticked, not-enabled and not set by a group policy. As a result the vista box doesn't allow remote administration and odd things start to happen on the monitoring box. At the moment the only fix we can find is to hop on remotely and then tick the exception ourselves, leaving two ticked, enabled, exceptions. Anyone know why this is? I thought it may be down to the servers at the affected sites not having the Vista group policy addons, but it's not ALL vista boxes, just some, and some Vista boxes at some sites are fine while others are affected. XP appears to be fine so far. Any suggestions ? Olly ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
