Wednesday, April 20, 2005

First run of SCW failed

My first run of Security Configuration Wizard (SCW) on my first Windows Server 2003 SP1 system failed. Needless to say, my first system is a virtual system. First, I created a new policy and saved it. Next, I re-ran the wizard to apply the policy. It failed - could not get an endpoint to the Windows Firewall Service it said.

I quickly figured out the reason. My server has two network cards. One is bound to a Microsoft loopback adapter on my host. The card could not get an IP address, so it was in the 'limited or no connectivity' state. I disabled the NIC and the wizard could complete. The state prevented the wizard from applying the policy.

The behavior is not consistent. If I disabled the NIC, applied the policy, removed the policy, enabled the NIC and applied the policy - I could not reproduce the error. Even after rolling back the policy and restarting the server, I could not reproduce the error message...

I'll try it on another server another day.

No comments: