"Jack [MVP-Networking]" <firstname.lastname@example.org> wrote in message
> No it is not a feature.
> Just being of the Domain just not mean that the computer is automatically
> re-configured itself for regular Peer-to-Peer network.
> Who ever configures the domain has to take a look to make sure that the
> right open configuration is available.
I think we may be talking different points. Distinguish two cases:
Case A: Disconnect from the domain and start the computer. After
firewall starts, it has a different configuration than the one in the
Case B: Disconnect from the domain and start the computer. Firewall
refuses to start at all. Attempts to manually start the firewall *service*
fail. There is no issue about the firewall's configuration because the
firewall cannot even be started.
I am describing Case B. This isn't an issue of how we configured the
firewall rules in or out of the domain. This is a Windows service startup
issue. The firewall service cannot even be started.
> "W" <email@example.com> wrote in message
> news:TsKdnQ3I1cmJtJbWnZ2dnUVZ_uydnZ2d@giganews.com ...
>> "Jack [MVP-Networking]" <firstname.lastname@example.org> wrote in message
>>> When it is Off the domain what are you trying to connect to?
>>> Who ever controls the Domain Polices has to configure the computer to
>>> function in a none domain environment when needed.
>>> Jack (MS, MVP-Networking).
>> What I am saying is that when the computer is off the domain, the
>> firewall service is *refusing to startup at all*. That cannot be a
>> feature, can it?
>>> "W" <email@example.com> wrote in message
>>>> We have a Vista Ultimate installation with all service packs installed.
>>>> Both the local security policy and the domain policy after joining a
>>>> domain have the reserved accounts NETWORK SERVICE and LOCAL SERVICE
>>>> configured to start as a service. If we disconnect the notebook
>>>> from the domain and restart it, the Windows Firewall service refuses to
>>>> start. All attempts to manage the firewall fail because the service
>>>> reports it has not started. If you manually attempt to start the
>>>> firewall service it fails.
>>>> As soon as we put the notebook back on the domain network and reboot it
>>>> Does anyone have any insight on why this happens and how we can get the
>>>> firewall to start? Any sequence that effectively prevents the
>>>> firewall from starting strikes me as a pretty serious misfeature. The
>>>> notebook is often used to configure devices by cross connecting
>>>> straight to the device, so we cannot count on being on the domain
>>>> network, but clearly we want a working firewall at all times.