My first run of Security Configuration Wizard (SCW) on my first Windows Server 2003 SP1 system failed. Needless to say, my first system is a virtual system. First, I created a new policy and saved it. Next, I re-ran the wizard to apply the policy. It failed - could not get an endpoint to the Windows Firewall Service it said.
I quickly figured out the reason. My server has two network cards. One is bound to a Microsoft loopback adapter on my host. The card could not get an IP address, so it was in the 'limited or no connectivity' state. I disabled the NIC and the wizard could complete. The state prevented the wizard from applying the policy.
The behavior is not consistent. If I disabled the NIC, applied the policy, removed the policy, enabled the NIC and applied the policy - I could not reproduce the error. Even after rolling back the policy and restarting the server, I could not reproduce the error message...
I'll try it on another server another day.