GPO Missing World Wide Web Services Inbound Rule

I’ve just completed the work needed to control the Windows 7 firewall through our corporate GPO. During that time, I ran across a display bug with IIS that I couldn’t find anyone else documenting.

Here’s the problem. I enabled the rules for World Wide Web Services on the workstation that I was using for the initial configuration. After importing that rule into the group policy, it doesn’t show on the list.

I repeated the process a second time to confirm I didn’t miss them, or that the overwrite of the existing policy wasn’t somehow in conflict – it wasn’t.

WithIIS_NotInstalled

Even though the line item is missing, the policy is still applied. I could disable the rule on the target laptops, apply the GPO, and it would take effect. It just wouldn’t display.

A had a hunch, so I went ahead and installed IIS onto the domain controller that I was using to design this GPO.

Lo and behold, the rule is suddenly’ there, and it showed my chosen preferences (domain + private). Clearly the rule existed all the time, it just wouldn’t display it in GPMC.

WithIISInstalled

It gets stranger. I uninstalled IIS, because who needs that hanging around if you aren’t using it. Now the rule continues to show up – but the other domain controller who didn’t have it installed, exhibits the original display problem.

It makes it appear as if it had to be installed at least once for GPMC to display that rule. Unsure if there are other items “missing” in this fashion, but very clearly this is one of them.