Vista issues with Firewall, VPN and accessing files

Posted on 2007-12-05
Last Modified: 2008-05-01
I am testing Vista Ultimate for my possible corporate roll out. I have two Vistas on my corporate network, on similar yet different computers. Both are 64 bit Vista Ultimate versions.

Here are my issues.

1. The firewall service doesnt start. I get an error message saying that ", "Error 1297:  A privilege that the service requires to function properly does not exist in the service account configuration." Did some checking on line and it seems to be related to my policy settings. How in the world would a local firewall setting be affected by that? Anyone know how tio fix this?

2. I can't ping or access my Vista from other computers. I have no firewall (as per question 1) so I am not sure why this is not working. Even files that are shared. I have all the shared preferences turned on. (I have no other 3rd party VPN)

3. VPN does not connect to anything. Creating a vpn connection and going through the wizard will yield unable to connect in a split second (like it doesnt even try) and when you say create VPN anyway, nothing gets created.

Anyone know how to address these issues? I found Vista stable and able to run all my apps, but these three problems are major to me. I can't even have remote access on the machines because I need a firewall setting enabled, and I cant start the firewall.

One more data piece. Both Vistas experience the same issues, and both are very fresh installs.

Question by:itconsultant1
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Author Comment

ID: 20420612
found this solution on a different site... this made everything work.

Hi finally got this to work with the below.

The problem started when I installed Vista Ultimate as an upgrade from an OEM disk from Windows XP on our domain. Not only did the firewall break but so did other services such as

Remote Access Connection Manager
Service Control Manager
These stopped the Telephony Service from launching which seemed to have a knock on effect on the dependencies, I managed to get all of these services working and then finally the firewall service started by following the below.

I opened our domain group policy (If you don't know how, I added below) and added Added "Local Service" & "Network Service" to these User rights assignments...

Act As part of the operating system
Adjust memory Quotas for a process
Allow Log On Locally
Log on as a service
Replace a process level token

(If you are using AD on 2000 Server then some of the names vary, they are similar and work the same)

On your vista pc open a command prompt and run gpupdate /force

This will update your group policy locally, re-boot and see if the services have started, if not as mine didn't, from run type secpol.msc and see if the user rights under local policies are in there, you can also see the icons are different shades for policies that have come over from the group policy which helps you to see which ones might have changed or may need changing.

Now open services run-> services.msc and open windows firewall service and put in "Local Service" no password and close and try starting it.If it still fails you need to check through the policies again and see if Local Service is in the ones that came over from the Group Policies. Mine finally started after I had re-booted with the firewall service set to manual and then I entered "Local Service" and started it successfully, I have no idea why it didn't start on Automatic, but now it does it fine.

How to open your Domain Group Policy.
On your Domain Controller, start->Run-> type mmc and hit enter
Console Add/Remove Snapin
Click Add
Find group policy and select
Browse for your domain policy and choose it (If its not there then you don't have one)
OK & Finish
Expand -> Computer Configuration->Windows Settings->Security Settings->Local Policies->User Rights Assignment.
Make the adjustments to the rights as above.



Accepted Solution

Computer101 earned 0 total points
ID: 20591259
PAQed with points refunded (250)

EE Admin

Featured Post

Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco Any Connect Client 5 64
Allowing Multicast in the firewall 2 54
Server 2012 L2TP VPN Windows client to server 10 40
VPN Server config in Modem 5 68
Sometimes, you want your microsoft VPN to route all the traffic to the remote network. Usually your employer network. This makes it possible to access all the nodes inside this remote LAN, even if they have no "public DNS" entries. To do so, you wo…
I've had to do a bit of research to setup my VPN connection so that Clients can access Windows Server 2008 network shares.  I have a Cisco ASA 5510 firewall.  I found an article which was extremely useful: It had a solution if you use ASDM to config…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question