We help IT Professionals succeed at work.

work around for Group Policy Results Wizard not working on computers with sp2 installed

gopher_49
gopher_49 asked
on
342 Views
Last Modified: 2010-04-18
I get a 'RPC failure' error when running the Group Policy Results Wizard on computers that have sp2 installed.  I'm in the adminstrator group of these computers.  Is there a work around?  Can I push exclusion settings to the windows firewall to allow this to work?
Comment
Watch Question

CERTIFIED EXPERT
Top Expert 2006

Commented:
Hi gopher_49,

why are you bothering with the windows firewall? you can push some exceptions through GPO to it, but you are better off without it

Author

Commented:
I'm using windows firewall to add another layer of security at the software level.  Why wouldn't I use it?  With the ability to push customized settings to the firewall via GPO's I've ran into no problems at all.  This is the only issue I'm having.  I could see the Windows firewall being a bad thing for some environments, however, it's been a breeze for mine.  I took the time to study it and learn how to customize it via GPO's.  I've heard of horror stories with the Windows firewall, however, they were usually people who didn't take the time to learn how to both properly deploy it, and configure it.  

Do you know of any exceptions I can use?  I thinking about maybe adding an exception that allows RPC requests from a specfied host, however, not sure how this can be done.

Author

Commented:
As I understand the RPC protocol uses a range of dynamic ports.  There are registry setting that can be made to specifiy the range of ports used.  This will allow an easier exception rule for RPC to exist on the firewall.  I'm a little leary about changing the range of ports used with RPC....

Author

Commented:
The below article has a registry modifcation that allows me to specifiy which ports RPC uses.  Once I set the range of ports being used on the workstation I can then add the range of ports in an exception rule on the firewall.  I can push both the registry entry and the firewall rule exception via GPO's.  I'm still leary to  push registry entries to each workstations.  I'm beginning to think that I should just turn the firewall off when wanting to run the GPO results wizard against the workstation.

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q154596

CERTIFIED EXPERT
Top Expert 2006

Commented:
fair call, i dont have the time or the need to play with windows firewall so i disable it and life is good, if you have a working environment using it then congrats to you, i personally cannot see any reason to keep it but thats just my opinion

Author

Commented:
I could see it being a serious problem in many environments, however, this is the only problem I've ran into.  I guess I've gotten lucky.  
CERTIFIED EXPERT
Top Expert 2006
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.