SP2 + Logical Disk Manager

Guest

After installing SP2 and enabling Windows Firewall, I can no longer use the
Disk Management tool from the Computer Management utility to view disk drives
on the remote XP+SP2 computers. GPO has already been configured to enable the
following settings (as described in the SP2 guide), and they are successfully
applied to all the PCs.

i) Windows Firewall: Allow remote administration exception
ii) Windows Firewall: Allow file and printer sharing exception (which opens
TCP 445)
iii) Windows Firewall: Allow local program exceptions (which allows
%WINDIR%\SYSTEM32\dmremote.exe )

On remote PCs with SP2 installed, I always get "The RPC server is
unavailable" error message. On remote PCs without SP2 installed, I always get
another error message saying "An unexpected error has occurred. Check the
System Event Log for more information....".

This has been the major problem in deploying SP2 since I am no longer
able to remotely determine the required free disk space (another big problem)
before the deployment. Please help if you know how to solve this problem.

Thank you.
 
Ben Strauss

I've run into exactly the same problem. It evidently has nothing to
do with the Windows Firewall as the problem persists even when it is
disabled. I further tried going into "Component Services" and opening
up default COM Security Rights to allow remote access, launch, and
activation privileges to "ANONYMOUS LOGON" and "Everyone".

I also tried setting the newly introduced registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\RPC\RestrictRemoteClients to 1

(I don't intend to leave things this way - it's only part of
troubleshooting.)

Still no luck. I would expect others to complain about this as well.

Again, it is clearly NOT firewall related. It happens even with the
firewall off. It looks like some sort of rights issue, as the event
log yields an "Access Denied" from LDM (Logical Disk Manager), yet the
problem occurs even when logged on as a Domain Admin.


On another related note, I did manage to get remote Disk
Administration to work going FROM an XP SP2 machine in order to
remotely administer other machines (on which SP2 has not been
installed).

This required the following measures:
- Opening the Windows Firewall for TCP port 135 (RPC).
- Opening the Windows Firewall for dmremote.exe.
- Going to Administrative Tools > Component Services:
  a. Expand Component Services. (At this point the Windows Firewall may
     pop up a security message. If it does, click Unblock.)
  b. Expand Computers.
  c. Right-click on My Computer, select Properties.
  d. Select the COM Security tab.
  e. In the Access Permissions section, click Edit Limits…
  f. Select ANONYMOUS LOGON. Check the Allow checkbox for Remote
     Access.
  g. Reboot for rights change to take effect.

(On the last count I may have opened things a bit more than necessary,
but at least now I can administer drives on those machines not yet
running XP SP2 from my machine, which IS running SP2.)
 
Guest

I have been playing with service permissions because of a problem with
Windows Update, and it occurred to me that the same issue may exist with LDM.
Load a command window.
Enter sc sdshow dmadmin
Make sure the SU SID has full control. If not, copy the output from the
previous command and add (A;;GA;;;SU)
If you use group policy, make sure that SERVICE has full control of LDM.
This cured it for me.

See document "SDDL Syntax" at Washington university for a very good
description of this stuff

Regards John
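
John's steps above (read the descriptor with `sc sdshow dmadmin`, check the SU ACE, add `(A;;GA;;;SU)`), as an added Python example that is not from the thread: it parses the output, tests whether a trustee already has full control, and builds the string for `sc sdset` with the new ACE placed inside the `D:` section ahead of any `S:` part. The sample descriptor is constructed and the function names are illustrative.

```python
import re

# Constructed sample of `sc sdshow` output (not taken from a real dmadmin service).
SAMPLE = ("D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)"
          "(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)"
          "S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)")

# The 13 SDDL rights that together equal SERVICE_ALL_ACCESS (same effect as GA).
FULL_RIGHTS = {"CC", "DC", "LC", "SW", "RP", "WP", "DT",
               "LO", "CR", "SD", "RC", "WD", "WO"}

def split_dacl(sddl):
    """Split the descriptor into (dacl, rest) at the top-level 'S:' marker."""
    sddl = sddl.strip()
    if not sddl.startswith("D:"):  # assumption: input is as printed by sc sdshow
        raise ValueError("expected a descriptor starting with 'D:'")
    depth = 0
    for i, ch in enumerate(sddl):
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
        elif depth == 0 and sddl.startswith("S:", i):
            return sddl[:i], sddl[i:]
    return sddl, ""  # no SACL present

def dacl_aces(dacl):
    """Yield (ace_type, rights_tokens, trustee) for every ACE in the DACL."""
    for body in re.findall(r"\(([^()]*)\)", dacl):
        fields = body.split(";")
        if len(fields) < 6:
            raise ValueError("malformed ACE: (%s)" % body)
        yield fields[0], set(re.findall("..", fields[2])), fields[5]

def has_full_control(sddl, trustee="SU"):
    """True if an allow ACE gives the trustee GA or all 13 service rights."""
    dacl, _ = split_dacl(sddl)
    return any(kind == "A" and sid == trustee
               and ("GA" in rights or FULL_RIGHTS <= rights)
               for kind, rights, sid in dacl_aces(dacl))

def with_full_control(sddl, trustee="SU"):
    """Return the complete descriptor to pass to sc sdset."""
    if has_full_control(sddl, trustee):
        return sddl.strip()  # already granted, nothing to add
    dacl, rest = split_dacl(sddl)
    return "%s(A;;GA;;;%s)%s" % (dacl, trustee, rest)

if __name__ == "__main__":
    print("sc sdset dmadmin " + with_full_control(SAMPLE))
```

`sc sdset` replaces the service's whole descriptor with the string it is given, so the full rebuilt string is what gets passed, and the original `sc sdshow` output is worth keeping for rollback.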
 
Guest

Hi John,
I tried your method by executing "sc sdset dmadmin (A;;GA;;;SU)" but have
found no differences. What I'm doing now is follow what Ben Strauss has
described and on XP with SP2, I'll first manually stop the Windows
Firewall/Internet Connection Sharing (ICS) service on the target machine
before connecting to its LDM.
 
clemens

chinlj4 said:
Hi John,
I tried your method by executing "sc sdset dmadmin (A;;GA;;;SU)" but have
found no differences. What I'm doing now is follow what Ben Strauss has
described and on XP with SP2, I'll first manually stop the Windows
Firewall/Internet Connection Sharing (ICS) service on the target machine
before connecting to its LDM.

My brother had the same problem.
After installing SP2 he couldn't find the other PCs in the network
and it was not possible to share the printer.
Strangely, one time it worked and the other time it failed.
On all PCs running WinXP Professional SP2.
At home I didn't have this problem. After long searching I got a
message that
"The RPC server is not available". Strange that on his network you
deal with this problem and on another network this is no problem.
He was so furious about it that, before he asked me to help him, he
did a complete new install of Windows on all his PCs. This didn't
solve his problem.

After I changed in Services that the RPC has to start automatically,
his problem was solved.
 
