?
Solved

2008 R2 Server reboot after GPO

Posted on 2011-09-22
4
Medium Priority
?
953 Views
Last Modified: 2012-06-21
We recently rolled out a change in our Default Domain policy to disable the Windows Firewall and change the firewall service from "auto start" to "disabled".

An oversight caused the GPO to push the update to some of our 2008 R2 Terminal Servers and one of those servers rebooted after the GPO was applied.

The series of Events in the Event Viewer simply show the GPO settings being applied successfully, and then the typical entries for services starting/stopping due to a reboot.

No other server experienced the issue and we obviously corrected the issue that was pushing the GPO to the servers, but I'm wondering if anyone has ever seen this or anything similar happen between a 2008 R2 server and the Firewall service? (The big cheezes are bound to ask why this happened and I don't have anything)
0
Comment
Question by:sysadmin-ee
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 6

Accepted Solution

by:
Zouleous earned 2000 total points
ID: 36583956

In Windows 7 and Windows Server 2008 R2, you first need to disable and stop the “Base Filtering Engine” service. Only stopping the Firewall service will put you in block mode.  I've locked myself out of remote desktop access to a server by doing this before...more than once actually.  Bad idea.  Please read the caution at the end of this Technet Article.

Also see this: http://technet.microsoft.com/en-us/library/cc766337(WS.10).aspx
0
 
LVL 6

Expert Comment

by:Zouleous
ID: 36583967
I'd recommend you don't stop the service, but instead set the firewall profiles to off.
0
 
LVL 6

Expert Comment

by:Zouleous
ID: 36583984
Oh and when the Big Cheeses ask I guess you'll have to tell them Microsoft implemented a hidden security "feature" in Server 2008 R2.  The only way you discover the "feature" is to fall victim to it.  Either that or proactively read every Technet article known to man.
0
 

Author Comment

by:sysadmin-ee
ID: 36584111
Leave it to Microsoft! Thanks man...that info is priceless!!!
Thanks a million man!
0

Featured Post

Get your Disaster Recovery as a Service basics

Disaster Recovery as a Service is one go-to solution that revolutionizes DR planning. Implementing DRaaS could be an efficient process, easily accessible to non-DR experts. Learn about monitoring, testing, executing failovers and failbacks to ensure a "healthy" DR environment.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question