General discussion


XP SP2 and SMS 2003 console connection

By blawrimore ·
I have two users running SP2 without the firewall running, and having run the dcom work around, and they still cannot connect to the SMS 2003 site through the MMC. one of the users just upgraded from 2000 where they had no problem connecting. i have recently re-installed the SMS administrator console on the box, but it did not help. does anyone have any ideas on how to get this thing up and running? thx,


This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by rmac461 In reply to XP SP2 and SMS 2003 conso ...

SP2 disables Microsoft File and Printer Sharing. SMS doesn?t work well without this feature enabled, so open windows Firewall and check of the File and Printer Sharing box in the exceptions tab.

Clicking the ?Edit? button will show you that this will enable several ports on the firewall.

TCP 139
TCP 445
UDP 137
UDP 138

Windows Firewall reduces the RPC footprint by closing TCP port 135. No RPC calls mean a crippled SMS client.

Open the Windows Firewall from the control panel applet. Select the "Exceptions" tab in the Windows Firewall window and click the Add Port button.

In the Add Port window, provide a name and enter ?135? in the Port Number field. Be sure to select the TCP radio button.

While you're here?add these ports to enable the associated SMS services.

TCP 2701 Remote Information
UDP 2701 Remote Information
TCP 2702 Remote Control
UDP 2702 Remote Control
TCP 2703 Chat
UDP 2703 Chat
TCP 2704 File Transfer
UDP 2704 File Transfer

Add the following executables to allow these services to function. Click the Add Program button. Click the browse button and add:

C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpsvc.exe *

Collapse -

by Adam Gladden In reply to XP SP2 and SMS 2003 conso ...

After you have configured the COM security settings on the computer running Window XP SP2, you still need to enable the Distributed COM on the computer.

Run dcomcnfg.exe
Expand Component Services down to My Computer.
Right click My Computer and select properties.
Click on the Default Properties tab and make sure Enable Distributed Com on this computer, is selected.
Default Authentication Level = Connect
Default Impersonation Level = Identify

If you are unsure how to set the COM security settings, check out this <A href="">KB</A> from Microsoft.

Related Discussions

Related Forums