That's good to know, thanks! Jeff
From: David Lum [mailto:david....@nwea.org] Sent: Friday, March 19, 2010 8:51 AM To: NT System Admin Issues Subject: RE: Installing Win2K8 Server as DC Issue With Win2K8/Win7 in addition to disabling the firewall you must also set the firewall service to DISABLED (manual might also work), otherwise Windows disables the NIC. If it sees firewall as AUTO but the firewall is off (even if you turn it off via GUI) it assumes malware has disabled the firewall so it nukes the NIC connection altogether. Setting the service to DISABLED and THEN turning off the firewall will allow the NIC to remain active. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Jackson, Jeff [mailto:jeff.jack...@rbza.com] Sent: Friday, March 19, 2010 7:54 AM To: NT System Admin Issues Subject: RE: Installing Win2K8 Server as DC Issue Hi Michael, I'm probably beating a dead horse and shouldn't... But, on both my 2008 and 2008 R2 servers, if I stop the windows firewall service, I can no longer connect to them via RDP, or access file shares, or even ping them for that matter. I agree, 2008 and 2008 R2 are very different beasts, but they do seem to have that behavior in common. At least that's my experience... Of course, the important thing is why is this happening to John and how might he resolve it, and on that, I'm currently stumped. Jeff From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, March 18, 2010 4:59 PM To: NT System Admin Issues Subject: RE: Installing Win2K8 Server as DC Issue Guys, y'all need to realize that y'all are comparing apples and oranges. Server 2008 is NOT the same as Server 2008 R2. Server 2008 R2 should've been called Server 2010. It's way different. It's not like 2003 R2 which was just a bunch of additional optional functionality. Disabling or stopping the Windows Firewall service in Server 2008 R2 is not supported and will cause indeterminate behavior. If you want to not use the firewall, you need to open the Windows Firewall application and disable the appropriate profile. This is a change in behavior between 2008 and 2008 R2. Now, in 2008 R2, if the Windows Firewall won't start, then it WILL generate an error in one event log or another. You need to track that down and fix it! :-P Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: John Bowles [mailto:john.bow...@wlkmmas.org] Sent: Thursday, March 18, 2010 7:30 PM To: NT System Admin Issues Subject: RE: Installing Win2K8 Server as DC Issue +1 Jeff, that's exactly the issue I'm having. The Windows Firewall will not even start up or allow me to start it up to allow traffic to the DC. From: Jackson, Jeff [mailto:jeff.jack...@rbza.com] Sent: Thursday, March 18, 2010 5:35 PM To: NT System Admin Issues Subject: RE: Installing Win2K8 Server as DC Issue If I stop the Windows Firewall service on my 2008 servers, I can no longer RDP to it. So, what I meant by off is, the service is stopped, which is the case for John, who's firewall service won't start at all. From: N Parr [mailto:npar...@mortonind.com] Sent: Thursday, March 18, 2010 2:22 PM To: NT System Admin Issues Subject: RE: Installing Win2K8 Server as DC Issue What? Firewall Off = Traffic Allowed I have the firewall's off on my 2008 server and RDP to them just fine. ________________________________ From: Jackson, Jeff [mailto:jeff.jack...@rbza.com] Sent: Thursday, March 18, 2010 4:17 PM To: NT System Admin Issues Subject: RE: Installing Win2K8 Server as DC Issue The 2008 firewall is conservative. In my experience, if it's turned off, no traffic is allowed inbound. So, you can't RDP into because your firewall won't start up to allow traffic in. Jeff From: John Bowles [mailto:john.bow...@wlkmmas.org] Sent: Thursday, March 18, 2010 1:29 PM To: NT System Admin Issues Subject: RE: Installing Win2K8 Server as DC Issue Outside of enabling RDP on the DC, what can be preventing me from RDP'ing into the server? I have this issue with my Exchange 2K7 server as well as DC. I keep getting access is denied when trying to turn on Windows Firewall on the DC. From: John Bowles [mailto:john.bow...@wlkmmas.org] Sent: Thursday, March 18, 2010 2:46 PM To: NT System Admin Issues Subject: RE: Installing Win2K8 Server as DC Issue From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, March 18, 2010 2:43 PM To: NT System Admin Issues Subject: Re: Installing Win2K8 Server as DC Issue >>I cannot access the server remotely Error message? No error message, after running DS role I am no longer able to connect to server via RDP >> the windows firewall service won't start How are you determining this? This is determined by the service on the server set to automatic but doesn't show's not started What does the eventlog say? Etc and so on. Event log is throwing MS DTC errors saying service cannot start. >>The Windows Firewall is a pain in the arse if you ask me. Because? Because it's always been a pain in the arss. :) -ASB: http://XeeSM.com/AndrewBaker On Thu, Mar 18, 2010 at 2:29 PM, John Bowles <john.bow...@wlkmmas.org<mailto:john.bow...@wlkmmas.org>> wrote: All- I'm trying to join a w2k8 r2 server to a windows 2003 domain. I've ran adprep /forestprep Adprep /domain prep Installed domain services under roles.. rebooted Now when the server came up I cannot access the server remotely and the windows firewall service won't start. Just wondering what I did wrong here? The Windows Firewall is a pain in the arse if you ask me. Any help would be appreciated. Thank you, John Bowles ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
