I am setting the "Remote Administration Exception" in my GPO to permit every
subnet in my large organization. My list of subnets appears to be too long.
I have 123 comma-separated entries of the form w.x.y.z/ab (for example,
10.10.10.0/22).
My list of subnet entries is 1,925 characters in length. I paste my list
into the GPO. When I examine the GPO in GPMC it displays only the first
1,024 characters. When I apply the GPO and examine
HKLM\Software\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings\RemoteAddresses
it has only the same first 1,024 characters in my list, not my whole 1,925
character list.
Is this in fact a size limitation for this setting? If so, where
specifically is the limitation? Is it a limitation of the REG_SZ Type, or
something in Group Policy? Is there a workaround that will permit me to use
the Windows Firewall to permit "Remote Administration" to 123 unique subnets?
The list of subnets has been carefully scrubbed such that there is no
overlap, each one is both required and unique (e.g., I already deleted
10.10.137.0/21 if I already have 10.10.0.0/16). I need them all. I need
ports 135 & 445 open. Think of this as being on the Internet. No
alternative technology is appropriate (e.g. a web server).
Anyone know anything specific about this? Thanks!
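
One way to confirm the truncation described in the post and list exactly which subnets did not reach a client, including an entry cut mid-string that may read as a different range than intended. This is an added example, not part of the original post; the function names `Compare-AddressList` and `Get-AppliedRemoteAddresses` are hypothetical and the subnet list is constructed sample data.

```powershell
# Added example (not from the original post). The sample list below is constructed.
function Compare-AddressList {
    param(
        [Parameter(Mandatory)][string]$Intended,
        [Parameter(Mandatory)][AllowEmptyString()][string]$Applied
    )
    # Split on commas, trim whitespace, drop empty items.
    $want = @($Intended.Split(',') | ForEach-Object { $_.Trim() } | Where-Object { $_ })
    $have = @($Applied.Split(',')  | ForEach-Object { $_.Trim() } | Where-Object { $_ })
    $isPrefix = $Intended.StartsWith($Applied, [System.StringComparison]::Ordinal)
    [pscustomobject]@{
        IntendedLength = $Intended.Length
        AppliedLength  = $Applied.Length
        Truncated      = ($Applied.Length -lt $Intended.Length) -and $isPrefix
        # Subnets from the intended list that never reached the machine.
        Missing        = @($want | Where-Object { $have -notcontains $_ })
        # Entries on the machine that were never intended, e.g. a subnet cut mid-string.
        Unexpected     = @($have | Where-Object { $want -notcontains $_ })
    }
}

function Get-AppliedRemoteAddresses {
    # Registry value named in the post; returns nothing when the policy is not applied.
    $key = 'HKLM:\Software\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings'
    $p = Get-ItemProperty -Path $key -Name RemoteAddresses -ErrorAction SilentlyContinue
    if ($p) { $p.RemoteAddresses }
}

# Constructed sample: 123 non-overlapping subnets, longer than 1,024 characters when joined.
$intended = (0..122 | ForEach-Object { "10.$_.0.0/16" }) -join ','
# Simulate the behaviour reported in the post: only the first 1,024 characters survive.
$applied = $intended.Substring(0, 1024)
# On a client where the GPO has applied, use instead: $applied = Get-AppliedRemoteAddresses

$r = Compare-AddressList -Intended $intended -Applied $applied
'{0} of {1} characters applied; truncated: {2}' -f $r.AppliedLength, $r.IntendedLength, $r.Truncated
'Missing subnets: {0}' -f $r.Missing.Count
'Unexpected entries: {0}' -f ($r.Unexpected -join ', ')
```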