Solved

2008 R2 Server reboot after GPO

Posted on 2011-09-22
4
930 Views
Last Modified: 2012-06-21
We recently rolled out a change in our Default Domain policy to disable the Windows Firewall and change the firewall service from "auto start" to "disabled".

An oversight caused the GPO to push the update to some of our 2008 R2 Terminal Servers and one of those servers rebooted after the GPO was applied.

The series of Events in the Event Viewer simply show the GPO settings being applied successfully, and then the typical entries for services starting/stopping due to a reboot.

No other server experienced the issue and we obviously corrected the issue that was pushing the GPO to the servers, but I'm wondering if anyone has ever seen this or anything similar happen between a 2008 R2 server and the Firewall service? (The big cheezes are bound to ask why this happened and I don't have anything)
0
Comment
Question by:sysadmin-ee
  • 3
4 Comments
 
LVL 6

Accepted Solution

by:
Zouleous earned 500 total points
ID: 36583956

In Windows 7 and Windows Server 2008 R2, you first need to disable and stop the “Base Filtering Engine” service. Only stopping the Firewall service will put you in block mode.  I've locked myself out of remote desktop access to a server by doing this before...more than once actually.  Bad idea.  Please read the caution at the end of this Technet Article.

Also see this: http://technet.microsoft.com/en-us/library/cc766337(WS.10).aspx
0
 
LVL 6

Expert Comment

by:Zouleous
ID: 36583967
I'd recommend you don't stop the service, but instead set the firewall profiles to off.
0
 
LVL 6

Expert Comment

by:Zouleous
ID: 36583984
Oh and when the Big Cheeses ask I guess you'll have to tell them Microsoft implemented a hidden security "feature" in Server 2008 R2.  The only way you discover the "feature" is to fall victim to it.  Either that or proactively read every Technet article known to man.
0
 

Author Comment

by:sysadmin-ee
ID: 36584111
Leave it to Microsoft! Thanks man...that info is priceless!!!
Thanks a million man!
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We recently had an issue where out of nowhere, end users started indicating that their logins to our terminal server were just showing a "blank screen." After checking the usual suspects -- profiles, shell=explorer.exe in the registry, userinit.exe,…
The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now