Results 1 to 5 of 5

Thread: Windows XP SP2 on AD enviroment

  1. #1
    Succeded in braking Windo TZ Veteran Dehcbad25's Avatar
    Join Date
    Apr 2002
    Location
    DE - USA
    Posts
    2,406

    Windows XP SP2 on AD enviroment

    Ok, SP2 is overdue from the SUS server and it started installing by itself. Ever since it did that, I am having problem connecting to some PCs
    I was wondering if anybody came accross a document about recomendations for XP SP2 in AD enviroment??
    That will relieve a lot my headaches and reduce the time I have to spend troubleshooting.

  2. #2
    all bets are off... TZ Veteran SupaStar's Avatar
    Join Date
    Jul 2002
    Location
    Australia
    Posts
    1,680
    SP2 has been giving us headaches with the firewall enabled. Try disabling it and see how you go.

    When you say " I am having problem connecting to some PCs" do you mean via Remote Desktop?

  3. #3
    Succeded in braking Windo TZ Veteran Dehcbad25's Avatar
    Join Date
    Apr 2002
    Location
    DE - USA
    Posts
    2,406
    well, I want to avoid disabling it. If I disable it it works fine.
    Connecting goes in a different array of ways. Remote Desktop actually get enabled instantly. I can run the Group Policy result wizard in a computer with SP2 and firewall enable. Also I can't do remote registry of remote services. So, the audit program fails to get a lot of data out of the computer.
    I tried with one computer installing Sygate, and then watch the ports, but man, there is so much talk inside the subnet that it gets almost imposible.
    I am thinking that a lot has to be rooted in the rpc protocol, so MS should have issued a KB on best practices for SP2 firewall in a corporate network (hopefully)

  4. #4
    Security Intelligence TZ Veteran cash_site's Avatar
    Join Date
    Jul 2002
    Location
    Software Paradise
    Posts
    3,852
    we just did a big deployment of SP2 PCs and SBServer 2003... all went well... guess it helps starting on clean slate...

    However, you should be able to use GPO to configure client firewall and edit filesharing settings and change the scope to allow LAN traffic, dont set to any (internet) setting.

    --- 0wN3D by 3gG ---

  5. #5
    Succeded in braking Windo TZ Veteran Dehcbad25's Avatar
    Join Date
    Apr 2002
    Location
    DE - USA
    Posts
    2,406
    Yes, been doing that, but I haven't find the GPO yet, so I was doing it manually. I think my problem is that we have a mixed enviroment (client level) with Windows 2k, and Windows XP, so the GPO might be 2K level for compatibility....
    We also have some NT machines, but doesn't matter how much I try, the policies are ignored but them Even with the policy editor from NT.
    Cash, did you try the GPMC? It is a really cool tool, isn't it?
    At work we jump from Windows NT server to Windows 2003. I almost didn't have 2K experience until this last weekend. Man, I missed so much some of the features of 2K3 I have been spoiled

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •