TechRepublic|Forums|IT Employment

IT Employment

General discussion

  • Creator
    Topic
  • November 1, 2004 at 10:25 pm #2291903

    SP2 firewall not able to be controlled on 2000 domain via GPO

    Locked

    by thewynn75 · about 17 years, 6 months ago

    Ok, I am at my wits end with this. I have read almost every white paper I can find and it doesn’t seem like I am doing anything wrong, I think I am missing something small. Here is the situation:
    I am on a Windows 2000 server domain and have installed Server 2003 Administration Pack on my Windows XP SP2 PC. I am a domain adminstrator in AD and have set up a test group with a XP SP2 and a 2000 machine.
    I have enabled “Protect all network connections” and “Do not allow exceptions” with the Admin Pack and have confirmed that this has replicated to the DC’s. On the test XP machine I have turned off the firewall because I want AD to control it. I have rebooted the client several times. I am running a constant PING to the PC and it is PINGing, nothing is being blocked, I even RDC into it.
    It almost seems like even though the policies are showing up on the DC they don’t know what to do or how to enforce it. Does anyone know what I need to do to make this GPO work properly?
    Thanks

    Topic is locked This conversation is currently closed to new comments.
  • Creator
    Topic

All Comments

  • Author
    Replies
    • November 5, 2004 at 12:14 pm #3296389

      Resolved

      by thewynn75 · about 17 years, 6 months ago

      In reply to SP2 firewall not able to be controlled on 2000 domain via GPO

      The problem ended up being a corrupted FRS. Everything is working fine now.

      • November 5, 2004 at 1:51 pm #3296341

        Resoved….how?

        by chris · about 17 years, 6 months ago

        In reply to Resolved

        I’ve been experiencing the same problems, how were you able to determine that FRS was corrupt and how did you resolve it? If I were to look at the settings of a GPO on a 2K server, I can see that the policy exists and is enabled, but no details.

        • November 5, 2004 at 11:37 pm #3296262

          I’m I only 1 not install SP2 ???????

          by abme75 · about 17 years, 6 months ago

          In reply to Resoved….how?

          I wish I could help you Chris but I haven’t even updated yet. I guess I’m just not an early adapter. BTW has anyone else not updated to SP2 yet?

        • November 8, 2004 at 6:22 pm #3312497

          FRS corrupt

          by thewynn75 · about 17 years, 6 months ago

          In reply to Resoved….how?

          The way I found out the FRS was corrupt was when I went into the policy folder (C:\WINNT\SYSVOL\sysvol\your domain\Policies) and counted how many policies were in there. 5 in my case. Then I went into AD to create a new policy and found that the policy was never actually written to the folder, although the policy showed up in the User and Computer snap in. Also File Replication event logs on the domain controller pointed to FRS problems.
          Now the solution I am sort of vague on. I didn’t actually perform the fix, your best bet would be to do a google search on the error in your event logs. That is what the other admin I work with did and found the solution there.

  • Author
    Replies
Viewing 0 reply threads