Help: Prevent administrators from configuring local port exceptions
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
To prevent administrators or users from configuring local port exceptions
Open the Group Policy Object Editor snap-in to edit the Group Policy object (GPO) that is used to manage Windows Firewall settings in your organization.
Open Computer Configuration, open Administrative Templates, open Network, open Network Connections, open Windows Firewall, and then open either Domain Profile or Standard Profile, depending on which profile you want to configure.
In the details pane, double-click Windows Firewall: Allow local port exceptions.
In the Windows Firewall: Allow local port exceptions properties dialog box, on the Settings tab, click Disabled, and then click OK.
Notes
To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure.
Windows Firewall is not included in the original release of the Windows Server 2003 operating systems.
You cannot use Windows Firewall in Control Panel or the netsh firewall command to perform this procedure.
Group Policy settings must be refreshed before they take effect.