Look at the dependencies for the firewall service. Are they all running? Also, I assume you've seen these two? http://support.microsoft.com/kb/943996/en-us
http://social.technet.microsoft.com/Forums/en-US/itprovistadeployment/thread /23351e06-dcbd-40ff-95da-368d0af5868c *********************** Charlie Kaiser [email protected] Kingman, AZ *********************** > -----Original Message----- > From: John Bowles [mailto:[email protected]] > Sent: Friday, March 19, 2010 9:29 AM > To: NT System Admin Issues > Subject: RE: Installing Win2K8 Server as DC Issue > > Still no joy! Won't start! > > > > From: John Bowles [mailto:[email protected]] > Sent: Friday, March 19, 2010 12:23 PM > To: NT System Admin Issues > Subject: RE: Installing Win2K8 Server as DC Issue > > > > I've added network service and local service to everywhere > specified.. rebooting now > > > > From: Jackson, Jeff [mailto:[email protected]] > Sent: Friday, March 19, 2010 12:10 PM > To: NT System Admin Issues > Subject: RE: Installing Win2K8 Server as DC Issue > > > > That's good to know, thanks! > > > > Jeff > > > > From: David Lum [mailto:[email protected]] > Sent: Friday, March 19, 2010 8:51 AM > To: NT System Admin Issues > Subject: RE: Installing Win2K8 Server as DC Issue > > > > With Win2K8/Win7 in addition to disabling the firewall you > must also set the firewall service to DISABLED (manual might > also work), otherwise Windows disables the NIC. If it sees > firewall as AUTO but the firewall is off (even if you turn it > off via GUI) it assumes malware has disabled the firewall so > it nukes the NIC connection altogether. > > > > Setting the service to DISABLED and THEN turning off the > firewall will allow the NIC to remain active. > > > > David Lum // SYSTEMS ENGINEER > NORTHWEST EVALUATION ASSOCIATION > (Desk) 971.222.1025 // (Cell) 503.267.9764 > > > > > > From: Jackson, Jeff [mailto:[email protected]] > Sent: Friday, March 19, 2010 7:54 AM > To: NT System Admin Issues > Subject: RE: Installing Win2K8 Server as DC Issue > > > > Hi Michael, > > > > I'm probably beating a dead horse and shouldn't. But, on both > my 2008 and 2008 R2 servers, if I stop the windows firewall > service, I can no longer connect to them via RDP, or access > file shares, or even ping them for that matter. I agree, 2008 > and 2008 R2 are very different beasts, but they do seem to > have that behavior in common. At least that's my experience. > > > > Of course, the important thing is why is this happening to > John and how might he resolve it, and on that, I'm currently stumped. > > > > Jeff > > > > From: Michael B. Smith [mailto:[email protected]] > Sent: Thursday, March 18, 2010 4:59 PM > To: NT System Admin Issues > Subject: RE: Installing Win2K8 Server as DC Issue > > > > Guys, y'all need to realize that y'all are comparing apples > and oranges. > > > > Server 2008 is NOT the same as Server 2008 R2. > > > > Server 2008 R2 should've been called Server 2010. It's way > different. It's not like 2003 R2 which was just a bunch of > additional optional functionality. > > > > Disabling or stopping the Windows Firewall service in Server > 2008 R2 is not supported and will cause indeterminate > behavior. If you want to not use the firewall, you need to > open the Windows Firewall application and disable the > appropriate profile. > > > > This is a change in behavior between 2008 and 2008 R2. > > > > Now, in 2008 R2, if the Windows Firewall won't start, then it > WILL generate an error in one event log or another. You need > to track that down and fix it! :-P > > > > Regards, > > > > Michael B. Smith > > Consultant and Exchange MVP > > http://TheEssentialExchange.com > > > > From: John Bowles [mailto:[email protected]] > Sent: Thursday, March 18, 2010 7:30 PM > To: NT System Admin Issues > Subject: RE: Installing Win2K8 Server as DC Issue > > > > +1 > > > > Jeff, that's exactly the issue I'm having. The Windows > Firewall will not even start up or allow me to start it up to > allow traffic to the DC. > > > > From: Jackson, Jeff [mailto:[email protected]] > Sent: Thursday, March 18, 2010 5:35 PM > To: NT System Admin Issues > Subject: RE: Installing Win2K8 Server as DC Issue > > > > If I stop the Windows Firewall service on my 2008 servers, I > can no longer RDP to it. So, what I meant by off is, the > service is stopped, which is the case for John, who's > firewall service won't start at all. > > > > From: N Parr [mailto:[email protected]] > Sent: Thursday, March 18, 2010 2:22 PM > To: NT System Admin Issues > Subject: RE: Installing Win2K8 Server as DC Issue > > > > What? Firewall Off = Traffic Allowed > > I have the firewall's off on my 2008 server and RDP to them just fine. > > > > ________________________________ > > From: Jackson, Jeff [mailto:[email protected]] > Sent: Thursday, March 18, 2010 4:17 PM > To: NT System Admin Issues > Subject: RE: Installing Win2K8 Server as DC Issue > > The 2008 firewall is conservative. In my experience, if it's > turned off, no traffic is allowed inbound. So, you can't RDP > into because your firewall won't start up to allow traffic in. > > > > Jeff > > > > From: John Bowles [mailto:[email protected]] > Sent: Thursday, March 18, 2010 1:29 PM > To: NT System Admin Issues > Subject: RE: Installing Win2K8 Server as DC Issue > > > > Outside of enabling RDP on the DC, what can be preventing me > from RDP'ing into the server? I have this issue with my > Exchange 2K7 server as well as DC. I keep getting access is > denied when trying to turn on Windows Firewall on the DC. > > > > > > From: John Bowles [mailto:[email protected]] > Sent: Thursday, March 18, 2010 2:46 PM > To: NT System Admin Issues > Subject: RE: Installing Win2K8 Server as DC Issue > > > > > > > > From: Andrew S. Baker [mailto:[email protected]] > Sent: Thursday, March 18, 2010 2:43 PM > To: NT System Admin Issues > Subject: Re: Installing Win2K8 Server as DC Issue > > > > >>I cannot access the server remotely > > > > Error message? No error message, after running DS role I am > no longer able to connect to server via RDP > > > > > > > > >> the windows firewall service won't start > > > > How are you determining this? This is determined by the > service on the server set to automatic but doesn't show's not started > > > > What does the eventlog say? Etc and so on. Event log is > throwing MS DTC errors saying service cannot start. > > > > > > >>The Windows Firewall is a pain in the arse if you ask me. > > > > Because? Because it's always been a pain in the arss. J > > > > > -ASB: http://XeeSM.com/AndrewBaker > > On Thu, Mar 18, 2010 at 2:29 PM, John Bowles > <[email protected]> wrote: > > All- > > > I'm trying to join a w2k8 r2 server to a windows 2003 domain. > > > > I've ran adprep /forestprep > > Adprep /domain prep > > Installed domain services under roles.. rebooted > > > > Now when the server came up I cannot access the server > remotely and the windows firewall service won't start. Just > wondering what I did wrong here? The Windows Firewall is a > pain in the arse if you ask me. Any help would be appreciated. > > > > Thank you, > > > > > > > > John Bowles > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
