Solved

2008 R2 Server reboot after GPO

Posted on 2011-09-22
4
907 Views
Last Modified: 2012-06-21
We recently rolled out a change in our Default Domain policy to disable the Windows Firewall and change the firewall service from "auto start" to "disabled".

An oversight caused the GPO to push the update to some of our 2008 R2 Terminal Servers and one of those servers rebooted after the GPO was applied.

The series of Events in the Event Viewer simply show the GPO settings being applied successfully, and then the typical entries for services starting/stopping due to a reboot.

No other server experienced the issue and we obviously corrected the issue that was pushing the GPO to the servers, but I'm wondering if anyone has ever seen this or anything similar happen between a 2008 R2 server and the Firewall service? (The big cheezes are bound to ask why this happened and I don't have anything)
0
Comment
Question by:sysadmin-ee
  • 3
4 Comments
 
LVL 6

Accepted Solution

by:
Zouleous earned 500 total points
Comment Utility

In Windows 7 and Windows Server 2008 R2, you first need to disable and stop the “Base Filtering Engine” service. Only stopping the Firewall service will put you in block mode.  I've locked myself out of remote desktop access to a server by doing this before...more than once actually.  Bad idea.  Please read the caution at the end of this Technet Article.

Also see this: http://technet.microsoft.com/en-us/library/cc766337(WS.10).aspx
0
 
LVL 6

Expert Comment

by:Zouleous
Comment Utility
I'd recommend you don't stop the service, but instead set the firewall profiles to off.
0
 
LVL 6

Expert Comment

by:Zouleous
Comment Utility
Oh and when the Big Cheeses ask I guess you'll have to tell them Microsoft implemented a hidden security "feature" in Server 2008 R2.  The only way you discover the "feature" is to fall victim to it.  Either that or proactively read every Technet article known to man.
0
 

Author Comment

by:sysadmin-ee
Comment Utility
Leave it to Microsoft! Thanks man...that info is priceless!!!
Thanks a million man!
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

To effectively work with Diskpart on a Server Core, it is necessary to write some small batch script's, because you can't execute diskpart in a remote powershell session. To get startet, place the Diskpart batch script's into a share on your loca…
Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now