Stolen from Mark Minasi’s superb site at http://www.minasi.com/newsletters/nws0409.htm: a handy reference on how Windows XP SP2+ distinguishes between Standard and Domain settings. In Vista this changes, but it’s the same principle.
There’s a personal firewall built into XP that’s always been there. But now it’s kind of “in your face,” as it’s turned on by default and it’s much easier to configure and control from the GUI, group policies, and command-line tools.
Even better, it’s got two “profiles;” it behaves one way when you’re inside your domain and another when you’re outside, such as when you’re connected to the Internet with your laptop from home or a hotel.
You might have heard about Firewall’s two profiles, the “standard” and the “domain” profile. (“Domain” means you’re in the domain, on site; “standard” means you’re somewhere else, out of the firewall.) But did you ever wonder, how does it know when you’re “in the domain?” I wondered. Is it something as easy as IP address ranges? Pinging the domain controller to measure the latency periods? Arcanely measuring the Earth’s magnetic field to estimate how far you are from Headquarters? Nope. It’s like this:
- Windows Firewall (call it WF) remembers the last time that you got group policies.
- It remembers the DNS suffix of the system that you got them from. (So, for example, if your AD domain was called bigfirm.com, then the domain controller (DC) that your system got the group policies from almost certainly had a DNS suffix of bigfirm.com.)
- WF then looks at all of your network adapters — here’s where it gets geeky — and examines their adapter-specific DNS suffixes. If any of them match the DNS suffix of your last GP update, then it assumes you’re in the domain.
In English, then… suppose you’re out on the road and for some reason want the firewall to think that you’re in “domain” mode rather than “standard” mode. Just go to the Advanced properties of your NIC, click the DNS tab and punch in your domain’s name in the “DNS suffix” field, and your firewall will behave as if you’re on the corporate grounds.
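The three steps above, modelled as an added Python example (not code from the newsletter or from Windows). The `Adapter` record, its `suffix_source` field, the sample adapters, and the case-insensitive, trailing-dot-tolerant comparison are assumptions made for illustration; the page only says the suffixes must "match".

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass
class Adapter:
    name: str
    dns_suffix: str      # adapter-specific DNS suffix
    suffix_source: str   # "dhcp" or "static" (hypothetical field for this example)

def _norm(suffix: str) -> str:
    # Assumption: compare case-insensitively and ignore a trailing dot.
    return suffix.strip().rstrip(".").lower()

def select_profile(last_gp_suffix: Optional[str],
                   adapters: List[Adapter]) -> Tuple[str, Optional[Adapter]]:
    """Return (profile, adapter that caused the match or None)."""
    wanted = _norm(last_gp_suffix or "")
    if not wanted:
        return "standard", None          # no remembered GP update to compare with
    for adapter in adapters:
        if _norm(adapter.dns_suffix) == wanted:
            return "domain", adapter     # any single matching adapter is enough
    return "standard", None

def audit(last_gp_suffix: Optional[str], adapters: List[Adapter]) -> str:
    """Report the profile and flag a domain match that rests on a hand-set suffix."""
    profile, hit = select_profile(last_gp_suffix, adapters)
    if hit is not None and hit.suffix_source == "static":
        return f"domain profile via hand-set suffix on '{hit.name}': review"
    return f"{profile} profile"

# Constructed sample data: one laptop seen in three places.
LAST_GP = "bigfirm.com"                  # suffix remembered from the last GP update
OFFICE = [Adapter("LAN", "bigfirm.com", "dhcp")]
HOTEL = [Adapter("Wi-Fi", "hotel-guest.example", "dhcp")]
HOTEL_OVERRIDE = [Adapter("Wi-Fi", "BigFirm.com.", "static")]

if __name__ == "__main__":
    for label, nics in (("office", OFFICE), ("hotel", HOTEL),
                        ("hotel, suffix typed in", HOTEL_OVERRIDE)):
        print(f"{label}: {audit(LAST_GP, nics)}")
```

The third case shows why the domain profile should not be looser than you would accept on an untrusted network: the only input to the decision is a suffix the client itself reports.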
That, by the way, was the simplified version; if you’d like to know more about how the network location awareness in Windows works, get this article: