Solved

Windows Firewall-Local System account

Posted on 2010-08-30
13
1,138 Views
Last Modified: 2012-05-10
I have a Windows 2008 Standard SP1 32-bit server. I was checking event logs working on some issues and noticed an error from the firewall indicating it couldn't inform the user when a program was blocked from accepting an inbound connection. I went to the services snap in, checked the log-on properties, changed the setting to log on as "Local System account" and selected allow service to interact with the desktop. I received an error indicating:

Windows could not start the firewall on Local Computer.

Error 1079: The account specified for this service is different from the account specified for other services running in the same process."

I can't change the settings back without the password, which is of course managed by Windows.

Does anyone know of a way to resolve this? Can I use Windows Features to remove & reinstall the firewall?

Bruce
0
Comment
Question by:bruce-wilkinson
  • 6
  • 4
  • 2
  • +1
13 Comments
 
LVL 4

Expert Comment

by:Jamie_Wilson
Comment Utility
Did you reboot the server after you made that change?
0
 
LVL 63

Expert Comment

by:SysExpert
Comment Utility
well I would certainly try that first, unless you have a backup or restore point.

I hope this helps !
0
 

Author Comment

by:bruce-wilkinson
Comment Utility
I have not rebooted.

Bruce
0
 

Author Comment

by:bruce-wilkinson
Comment Utility
What would I restore? I'd prefer not to restore the whole system, too many changes lost.

Bruce
0
 
LVL 59

Expert Comment

by:Darius Ghassem
Comment Utility
0
 

Author Comment

by:bruce-wilkinson
Comment Utility
Can't disable through netsh, the firewall service won't start. When I tried to reset it, I got "the service has not been started". When the service isn't running, changes can't be made.

Bruce
0
The problems with reply email signatures

Do you wish that you could place an email signature under a reply? Well, unfortunately, you can't. That great Exchange/Office 365 signature you've created will just appear at the bottom of an email chain. What a pain! Is there really no way to solve this? Well, there might be...

 
LVL 59

Expert Comment

by:Darius Ghassem
Comment Utility
So,  you have tried to disable through netsh and it didn't work, right? Add a domain admin account in the username and password in then try to start.
0
 

Author Comment

by:bruce-wilkinson
Comment Utility
dariusq, I'm not following what you said about adding a domain account. I'm logged in as administrator.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
Comment Utility
Yes, but the service has a username and password attach to it.
0
 
LVL 63

Expert Comment

by:SysExpert
Comment Utility
A restore point ( Drivers and registry ) or system state restore, does not affect data, but may well resolve your issue.

Else, you can uninstall and install it again .



0
 

Author Comment

by:bruce-wilkinson
Comment Utility
dariusq, the service does have a user name and password associated with it. Changing it was what started this problem. The firewall service runs in a shared process. Once changed, you get an error indicating the log on name/password do not match the name/password for other services in the shared process. Since Windows manages the password for Local Service or Network Service, you can't go back to the original settings either. You don't know the password, and you can't change it.

SysExpert, Server 2008 doesn't create restore points. I ran vssadmin list shadows. I found 1, but it was created after the firewall changes. That was a problem I resolved yesterday, but not until after the changes to the firewall service settings.

I'm waiting for a MS engineer to see if they can help. Otherwise, I may be forced to reinstall.

Bruce
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 500 total points
Comment Utility
0
 

Author Closing Comment

by:bruce-wilkinson
Comment Utility
Of the links provided, the first one proved to be the one I needed. I used the local system account with no password. I didn't get an error, and was able to start the firewall service. It cleared another problem we were having with domain authentication and network resources being blocked. Thanks dariusq!
0

Featured Post

Shouldn't all users have the same email signature?

You wouldn't let your users design their own business cards, would you? So, why do you let them design their own email signatures? Think of the damage they could be doing to your brand reputation! Choose the easy way to manage set up and add email signatures for all users.

Join & Write a Comment

To effectively work with Diskpart on a Server Core, it is necessary to write some small batch script's, because you can't execute diskpart in a remote powershell session. To get startet, place the Diskpart batch script's into a share on your loca…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now