On a Windows 2008 server I need some help configuring the Windows Firewall Advanced Security and Windows Firewall Service settings.
Here is the situation. The Windows 2008 server is a domain controller in a Windows 2000 domain. The Windows 2000 server is the primary domain controller. The workstations are XP Pro machines. The 2008 server has DNS, DCHP, WINS roles and all is working well except this.
In the Workstations' My Network Places (also in Net view from the command line), the 2008 server is listed, then drops off the list in about one hour. All the other computers continue to be listed. After the 2008 server is rebooted, it is listed again for about an hour, then drops. Mapped drives continue to work.
I traced the problem to settings in the Windows Firewall Advanced Security and the Windows Firewall Service on the 2008 server. If I turn off the Windows Firewall Service, the problem goes away - the 2008 server continues to be visible in the workstations My Network Places and does not drop off after an hour. If I turn on the Firewall service the problem starts again. I have tried turning off all three profiles in Windows Firewall Advanced Security (Domain, Private, and Public) and left the firewall service on and the problem still happens.
I've concluded it has something to do with the Firewall Service. The Firewall service has one dependency - Windows Event Collector. The Firewall Services is dependent on these - Base Filtering Engine, Remote Procedure Call, DCOM Server Process Launcher and Windows Firewall Authorization Driver. The only oddity I see is that in the 2008 server network setting for Client for Microsoft Networks, the RPC Service Name Service Provider won't hold a value. The choices are Windows Locator and DCE Cell Directory Service. Neither will persist in the when you close the properties box and reopen it the value is missing. I understand that the correct value should be Windows Locator. I may be way off the mark with Windows Locator, however.
Has anyone else experienced this problem? Has anyone a solution?
- Edited by asemeiks Thursday, September 25, 2008 7:56 PM
Are all the computers in the same subnet?
Do all Windows XP computers encounter this issue?
Please run the command browstat status on the Windows Server 2008 and a Windows XP machines to check if the master browser is the same.
Run the command browstat view <Transport ID> \\<masterbrowser> on the Windows Server 2008 machine and verify that master browser has the server in its list.
For more information of the browstat utility, refer to the KB article 188305:
Troubleshooting the Microsoft Computer Browser Service
Meanwhile, perform the following steps on the Windows Server 2008 machine and check the result:
· Enable the Network Discovery group in the Windows Firewall.
· Change the NetBIOS settings to Enable NetBIOS over TCP/IP.
Additionally, regarding this networking issue, I suggest that you post it in networking related forum in order to resolve the issue more efficiently. For your convenience, I’ve included a link of networking forum website:
- Marked as answer by Joson ZhouModerator Monday, October 06, 2008 2:21 AM