Re: XP SP2 kills SMS 2 Admin console
From: Stan White [MS] (stanwh_at_microsoft.com)
Date: 08/17/04
- Next message: Jeff Harbaugh [MSFT]: "Re: Logon Discovery Issue"
- Previous message: Jeff: "Re: Logon Discovery Issue"
- In reply to: K Stech: "Re: XP SP2 kills SMS 2 Admin console"
- Next in thread: K Stech: "Re: XP SP2 kills SMS 2 Admin console"
- Reply: K Stech: "Re: XP SP2 kills SMS 2 Admin console"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 17 Aug 2004 12:35:01 -0700
Can you remote the XP SP2 machine from a Windows 2000 machine?
Can you remote a Windows 2000 machine from the XP SP2 machine?
We actually recommend using RD or RA when connecting to anything above W2K
Pro.
-- -- Stan [MSFT] -- -- This posting is provided "AS IS" with no warranties, and confers no rights. -- -- "K Stech" <K Stech@discussions.microsoft.com> wrote in message news:2B85923A-385C-4CC1-B673-86791CA82D6B@microsoft.com... >I applied your fix and the Admin Console works on our test computer. > However, I am unable to connect to the test computer with SP2 installed on > it > from another SMS Console. I get the remote tools white screen screen, but > when I > click the connect button, I only get a gray screen that times out. > > Any suggestions?? > > "Stan White [MS]" wrote: > >> Unfortunately not all shipped applications can work well in locked down >> mode. This is as secure as Windows 2000 or Windows XP SP1 but can't take >> advantage of all the security features. >> -- >> -- >> Stan [MSFT] >> -- >> -- >> This posting is provided "AS IS" with no warranties, and confers no >> rights. >> -- >> -- >> >> "James" <lee.james@spartan.ab.ca> wrote in message >> news:17084052.0408110639.51e05f67@posting.google.com... >> >I finally got it to work by doing the DCOM modification and rebooting. >> > As the firewall is turned off, I didn't have to add the exceptions. >> > >> > However this now opens up a hole (COM Permissions) that SP2 was >> > designed to fix does it not? >> > >> > J. >> > >> > "Scott" <Scott@discussions.microsoft.com> wrote in message >> > news:<5D5EB727-4400-43B4-9C3A-CB61D8F4E6A2@microsoft.com>... >> >> Windows Firewall and DCOM require modifications to allow the adsmin >> >> console >> >> to function. The FAQ mentioned beloew addresses the issues and >> >> suggests >> >> fixes beginning on page 9. This is what I did: >> >> >> >> Add the following lines to the [ICF.AddReg.DomainProfile] section of >> >> the >> >> Netfw.inf file in %windir%\inf >> >> >> >> HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List","%windir%\SYSTEM32\WBEM\UNSECAPP.EXE",0x00000000,"%windir%\SYSTEM32\WBEM\UNSECAPP.EXE:*:Enabled:WMI" >> >> HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\RemoteAdminSettings","Enabled",0x00010001,1 >> >> HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List","2701:TCP",0x00000000,"2701:TCP:*:enabled:SMS >> >> - Remote Tools (2701)" >> >> HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List","2702:TCP",0x00000000,"2702:TCP:*:enabled:SMS >> >> - Remote Control (2702)" >> >> HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List","2703:TCP",0x00000000,"2703:TCP:*:enabled:SMS >> >> - Remote Chat (2703)" >> >> HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List","2704:TCP",0x00000000,"2704:TCP:*:enabled:SMS >> >> - Remote File Transfer (2704)" >> >> HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List","137:UDP",0x00000000,"137:UDP:*:Enabled:@xpsp2res.dll,-22001" >> >> HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List","138:UDP",0x00000000,"138:UDP:*:Enabled:@xpsp2res.dll,-22002" >> >> HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List","139:UDP",0x00000000,"139:TCP:*:Enabled:@xpsp2res.dll,-22004" >> >> HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List","3389:TCP",0x00000000,"3389:TCP:*:Enabled:@xpsp2res.dll,-22009" >> >> HKLM,"SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List","445:TCP",0x00000000,"445:TCP:*:Enabled:@xpsp2res.dll,-22005" >> >> >> >> Then run DCOMCFG from the run dialog box. GO to Component Services > >> >> Computers > My Computer <Properties> COM Security tab > Access Limits >> >> Dialog >> >> > Edit Limits and add the Remote Access righto the Annonymous Logon >> >> > group >> >> >> >> Reboot your system for the setings to take effect. >> >> >> >> >> >> "Stan White [MS]" wrote: >> >> >> >> > Info on the admin console and XP SP2 is located here: >> >> > >> >> > http://www.microsoft.com/technet/prodtechnol/sms/sms2003/techfaq/tfaq02.mspx >> >> > >> >> > -- >> >> > -- >> >> > Stan [MSFT] >> >> > -- >> >> > -- >> >> > This posting is provided "AS IS" with no warranties, and confers no >> >> > rights. >> >> > -- >> >> > -- >> >> > >> >> > "James" <lee.james@spartan.ab.ca> wrote in message >> >> > news:17084052.0408100628.681ed750@posting.google.com... >> >> > > Whenever you try and expand any of the folders you get the >> >> > > hourglass >> >> > > of death. Tried running MMC and creating a new SMS snap-in >> >> > > manually >> >> > > but got the same result. >> >> > > >> >> > > Frustrating to say the least. >> >> > > >> >> > > J. >> >> > >> >> > >> >> > >> >> >>
- Next message: Jeff Harbaugh [MSFT]: "Re: Logon Discovery Issue"
- Previous message: Jeff: "Re: Logon Discovery Issue"
- In reply to: K Stech: "Re: XP SP2 kills SMS 2 Admin console"
- Next in thread: K Stech: "Re: XP SP2 kills SMS 2 Admin console"
- Reply: K Stech: "Re: XP SP2 kills SMS 2 Admin console"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
