Solved

work around for Group Policy Results Wizard not working on computers with sp2 installed

Posted on 2006-06-08
7
296 Views
Last Modified: 2010-04-18
I get a 'RPC failure' error when running the Group Policy Results Wizard on computers that have sp2 installed.  I'm in the adminstrator group of these computers.  Is there a work around?  Can I push exclusion settings to the windows firewall to allow this to work?
0
Comment
Question by:gopher_49
  • 4
  • 3
7 Comments
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16865782
Hi gopher_49,

why are you bothering with the windows firewall? you can push some exceptions through GPO to it, but you are better off without it
0
 

Author Comment

by:gopher_49
ID: 16871202
I'm using windows firewall to add another layer of security at the software level.  Why wouldn't I use it?  With the ability to push customized settings to the firewall via GPO's I've ran into no problems at all.  This is the only issue I'm having.  I could see the Windows firewall being a bad thing for some environments, however, it's been a breeze for mine.  I took the time to study it and learn how to customize it via GPO's.  I've heard of horror stories with the Windows firewall, however, they were usually people who didn't take the time to learn how to both properly deploy it, and configure it.  

Do you know of any exceptions I can use?  I thinking about maybe adding an exception that allows RPC requests from a specfied host, however, not sure how this can be done.
0
 

Author Comment

by:gopher_49
ID: 16871226
As I understand the RPC protocol uses a range of dynamic ports.  There are registry setting that can be made to specifiy the range of ports used.  This will allow an easier exception rule for RPC to exist on the firewall.  I'm a little leary about changing the range of ports used with RPC....
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:gopher_49
ID: 16871282
The below article has a registry modifcation that allows me to specifiy which ports RPC uses.  Once I set the range of ports being used on the workstation I can then add the range of ports in an exception rule on the firewall.  I can push both the registry entry and the firewall rule exception via GPO's.  I'm still leary to  push registry entries to each workstations.  I'm beginning to think that I should just turn the firewall off when wanting to run the GPO results wizard against the workstation.

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q154596

0
 
LVL 48

Expert Comment

by:Jay_Jay70
ID: 16875938
fair call, i dont have the time or the need to play with windows firewall so i disable it and life is good, if you have a working environment using it then congrats to you, i personally cannot see any reason to keep it but thats just my opinion
0
 

Author Comment

by:gopher_49
ID: 16902491
I could see it being a serious problem in many environments, however, this is the only problem I've ran into.  I guess I've gotten lucky.  
0
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 250 total points
ID: 16907703
yeah mate you have done well, from what i have seen it causes sooo many problems
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question