Re: Can't read event logs on Win2003 server

From: Arch Willingham (arch_at_tuparks.com)
Date: 11/18/03


Date: Tue, 18 Nov 2003 11:09:35 -0500

1. Yes on the RemoteRegistry server.
2. Uh...I can run Dcomcnfg.exe...does that mean DCOM is running??? How do I
know which ports it is using (or is supposed to use)?
3. The service "Remote Procedure Call (RPC)" is running but ditto on the
question on the ports...which does it use and which should be open?

Arch

"David Wang [Msft]" <someone@online.microsoft.com> wrote in message
news:eNpR$EBrDHA.2536@tk2msftngp13.phx.gbl...
> Are DCOM and RPC enabled/working on your machine, and are their ports open?
> Is RemoteRegistry service enabled (for MBSA) ?
> Do you know how this W2K DC was locked down in the past?
>
> Otherwise, I really am out of ideas, so if you want issue resolution, you
> should call MS PSS Support. I think you have some fundamental service or
> permission disabled, and it was preserved across the upgrade, hence causing
> your present issues.
>
> --
> //David
> IIS
> This posting is provided "AS IS" with no warranties, and confers no rights.
> //
> "Arch Willingham" <arch@tuparks.com> wrote in message
> news:OrRTsh8qDHA.1496@TK2MSFTNGP11.phx.gbl...
> Yep...it's running.
>
>
> "David Wang [Msft]" <someone@online.microsoft.com> wrote in message
> news:%23dmY0s3qDHA.2000@TK2MSFTNGP09.phx.gbl...
> > Hmm, I'm not certain why, then.
> >
> > Can you check in the Services applet whether the "Event Log" service is
> > running?
> >
> > --
> > //David
> > IIS
> > This posting is provided "AS IS" with no warranties, and confers no rights.
> > //
> > "Arch Willingham" <arch@tuparks.com> wrote in message
> > news:eVvwkBvqDHA.3732@tk2msftngp13.phx.gbl...
> > If the firewall is the service called "Internet Connection Firewall (ICF) /
> > Internet Connection Sharing (ICS)", then nope..it's not turned on...would it
> > be called another name?
> >
> > Arch
> >
> > "David Wang [Msft]" <someone@online.microsoft.com> wrote in message
> > news:OvaHbIPqDHA.1632@TK2MSFTNGP10.phx.gbl...
> > > What I mean to ask is -- is the Firewall in Windows Server 2003 turned on
> > > somehow?
> > >
> > > I'm not certain of what else, but what it sounds like is that you have a
> > > single service that is not running on Windows Server 2003 when you need it
> > > to be running to provide the necessary functionality. I've found machines
> > > with RPCSS (the target of Blaster) stopped to behave quite weirdly in
> > > similar manner.
> > >
> > > --
> > > //David
> > > IIS
> > > This posting is provided "AS IS" with no warranties, and confers no rights.
> > > //
> > > "Arch Willingham" <arch@tuparks.com> wrote in message
> > > news:uJu9DdJqDHA.2000@TK2MSFTNGP10.phx.gbl...
> > > Nope...they are all on the same subnet. Prior to converting the machine, a
> > > domain admin could do all of the above. Once upgraded, no one (including
> > > Enterprise Admin) can do any of the above.....in the words of Chris
> > > Rock..."That ain't right".<G>
> > >
> > > Arch
> > >
> > > "David Wang [Msft]" <someone@online.microsoft.com> wrote in message
> > > news:%23TkKbwzpDHA.644@TK2MSFTNGP11.phx.gbl...
> > > > That actually sounds like good behavior to me. :-)
> > > >
> > > > Maybe you have a firewall blocking ports somewhere?
> > > >
> > > > --
> > > > //David
> > > > IIS
> > > > This posting is provided "AS IS" with no warranties, and confers no rights.
> > > > //
> > > > "Arch Willingham" <arch@tuparks.com> wrote in message
> > > > news:O6VjjAuoDHA.360@TK2MSFTNGP12.phx.gbl...
> > > > I upgraded one of DC servers yesterday from Win2000 (sp4) to NET2003.
> > > > Everything works great except for two things:
> > > >
> > > > 1. I cannot use the event viewer to look at the event log on that server
> > > > unless I am logged on to the server (even when logged on as the domain
> > > > admin).
> > > > 2. If I use MBSA (Baseline Security Analyzer) to check that server, every
> > > > line says "Check could not be performed because registry could not be
> > > > accessed"
> > > > 3. If I click "manage" on "my computer" and then connect to that computer,
> > > > everything I click on results in "System Information
> > > > The connection to BLAHBLAH could not be established. Check to see that the
> > > > network path name is correct, that you have sufficient permission to access
> > > > Windows Management Instrumentation, and that the Windows Management
> > > > Instrumentation service is started on the computer."
> > > >
> > > > Any ideas?
> > > >
> > > > Arch