Windows Firewall-Local System account

I have a Windows 2008 Standard SP1 32-bit server. I was checking event logs working on some issues and noticed an error from the firewall indicating it couldn't inform the user when a program was blocked from accepting an inbound connection. I went to the services snap in, checked the log-on properties, changed the setting to log on as "Local System account" and selected allow service to interact with the desktop. I received an error indicating:

Windows could not start the firewall on Local Computer.

Error 1079: The account specified for this service is different from the account specified for other services running in the same process."

I can't change the settings back without the password, which is of course managed by Windows.

Does anyone know of a way to resolve this? Can I use Windows Features to remove & reinstall the firewall?

Bruce
bruce-wilkinsonAsked:
Who is Participating?
 
Jamie_WilsonCommented:
Did you reboot the server after you made that change?
0
 
SysExpertCommented:
well I would certainly try that first, unless you have a backup or restore point.

I hope this helps !
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
bruce-wilkinsonAuthor Commented:
I have not rebooted.

Bruce
0
 
bruce-wilkinsonAuthor Commented:
What would I restore? I'd prefer not to restore the whole system, too many changes lost.

Bruce
0
 
Darius GhassemCommented:
0
 
bruce-wilkinsonAuthor Commented:
Can't disable through netsh, the firewall service won't start. When I tried to reset it, I got "the service has not been started". When the service isn't running, changes can't be made.

Bruce
0
 
Darius GhassemCommented:
So,  you have tried to disable through netsh and it didn't work, right? Add a domain admin account in the username and password in then try to start.
0
 
bruce-wilkinsonAuthor Commented:
dariusq, I'm not following what you said about adding a domain account. I'm logged in as administrator.
0
 
Darius GhassemCommented:
Yes, but the service has a username and password attach to it.
0
 
SysExpertCommented:
A restore point ( Drivers and registry ) or system state restore, does not affect data, but may well resolve your issue.

Else, you can uninstall and install it again .



0
 
bruce-wilkinsonAuthor Commented:
dariusq, the service does have a user name and password associated with it. Changing it was what started this problem. The firewall service runs in a shared process. Once changed, you get an error indicating the log on name/password do not match the name/password for other services in the shared process. Since Windows manages the password for Local Service or Network Service, you can't go back to the original settings either. You don't know the password, and you can't change it.

SysExpert, Server 2008 doesn't create restore points. I ran vssadmin list shadows. I found 1, but it was created after the firewall changes. That was a problem I resolved yesterday, but not until after the changes to the firewall service settings.

I'm waiting for a MS engineer to see if they can help. Otherwise, I may be forced to reinstall.

Bruce
0
 
bruce-wilkinsonAuthor Commented:
Of the links provided, the first one proved to be the one I needed. I used the local system account with no password. I didn't get an error, and was able to start the firewall service. It cleared another problem we were having with domain authentication and network resources being blocked. Thanks dariusq!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.