Hi, I'm having this problem on few of my 2008 servers. When I try to run the Windows Firewall service, i get this message: Windows could not start Windows firewall on server. For more information review the System Log. If this is a non-Microsoft service, contact the service vendor and refer to service specific error code -2144206813 In the event viewer I'm getting this event: Log Name: System Source: Service Control Manager Date: 8/15/2009 10:13:29 AM Event ID: 7024 Task Category: None Level: Error Keywords: Classic User: N/A Computer: Server01.domain.com Description: The Windows Firewall service terminated with service-specific error 2150760483 (0x80320023). Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Service Control Manager" Guid="{555908D1-A6D7-4695-8E1E-26931D2012F4}" EventSourceName="Service Control Manager" /> <EventID Qualifiers="49152">7024</EventID> <Version>0</Version> <Level>2</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2009-08-15T07:13:29.000Z" /> <EventRecordID>90674</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>System</Channel> <Computer>Server01.domain.com</Computer> <Security /> </System> <EventData> <Data Name="param1">Windows Firewall</Data> <Data Name="param2">2150760483 (0x80320023)</Data> </EventData> </Event> I opened cmd prompt and ran sc query MpsSvc. I'm posting the result: SERVICE_NAME: MpsSvc TYPE : 20 WIN32_SHARE_PROCESS STATE : 1 STOPPED WIN32_EXIT_CODE : 1066 (0x42a) SERVICE_EXIT_CODE : -2144206813 (0x80320023) CHECKPOINT : 0x0 WAIT_HINT : 0x0 Any help would be greatly appreciated. Regards

Hello,did you check your GPOs, if any restriction is set with gpresult /v or rsop.msc?Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.

HiMicrosoft recommends not to turn on Microsoft firewall/ICS when running ISA, may be this is the reason of your issue See this article : http://technet2.microsoft.com/windowsserver/en/library/5b3670d9-59d3-47c0-9609-bfd2cc6a7e7c1033.mspx?mfr=trueThe reason for this is that a number of files (most notably the ipnat.sys file) is used by the MS firewall. When ISA gets installed it takes control of this file thereby denying control of it to the ms firewall.Ensure that the MS Firewall and the ICS service is set to manual.Deva

Thanks for the replies. We don't have ISA installed. The Firewall service fails to start on just a few of the servers. On the rest of the servers, it's running fine. Also i have gone through the GPO's. Nothing's wrong there Regards

HiSymptoms Windows Firewall/Internet Connection Sharing (ICS) service not listed in Services.msc Console. Windows Firewall/Internet Connection Sharing (ICS) service is listed in Services Console, but you may not be able to start the service. The following error occurs when accessing the firewall settings (firewall.cpl) Due to an unidentified problem, Windows cannot display Windows Firewall settings. Cause Case 1: This happens due to missing or corrupt SharedAccess registry key, which represents the Windows Firewall Service. This usually occurs if your system is infested with Virus or other Malware, or in the aftermath of Virus removal. In conjunction with the solution provided in the article, it's advisable to run a thorough cleanup of the system. Case 2: You have Windows Live OneCare installed. Windows Live OneCare has its own Firewall which monitors both inbound and outbound connections. Because two firewalls should not be turned on at the same time, Windows Live OneCare turns off Windows Firewall if the latter is running. [More info]. Therefore, Windows Live OneCare users can safely ignore the error message concerning Windows Firewall. Resolution Solution for Case 1: Download sharedaccess.reg (only for Windows XP systems with Service Pack 2 or Service Pack 3 applied) and save to Desktop. Then double-click the file to merge the contents to the registry. The Services entry will be created. Restart Windows (mandatory step, otherwise the following NETSH command might display an error). After restarting Windows, execute the following command via Start, Run dialog: CMD /K NETSH FIREWALL RESET Launch firewall applet from Control Panel, and see if you're able to configure the Windows Firewall settings. If the above steps do not help, as a last resort solution (before attempting to reinstall the Service Pack), give the following commands a try: Click Start, Run and type: rundll32 setupapi,InstallHinfSection Ndi-Steelhead 132 %windir%\inf\netrass.inf The above command repaired most of the Windows Firewall settings when I tested. After running the above command, restart Windows and then run the following: CMD /K NETSH FIREWALL RESET Attempt to start Firewall applet. Start the Windows Firewall service when prompted.This may help!deva

Thanks again. Just to letyou know i dont have any of the symptoms that you mentioned, neither am i missing any registry keys. thanks anyways

Could you please post the Detailederror message what is the event id r u getting??Deva

Could you please take a look at my original post? I already posted the error msg and the event that I' m getting. There's no events other than the one I already posted. Thanks best regards

????

Do you already tried the command netsh firewall reset , from an elevated command prompt? The error message you are seeing means an acces denied. Is the service set to automatic starting,and to Local Service? Please verify that. Certifications: MCSA 2003 MCSE 2003

Dear Shadowman, I already tried that. Here's the result: C:\Windows\system32>netsh firewall reset The service has not been started. C:\Windows\system32>net start mpssvc The Windows Firewall service is starting. The Windows Firewall service could not be started. A service specific error occurred: 2150760483. More help is available by typing NET HELPMSG 3547. C:\Windows\system32>net helpmsg 3547 A service specific error occurred: ***. And yes, the service is set to start automatically and to the local service. Regards

I had experiance the same problems with Windows Vista First try with this commandrundll32 setupapi,InstallHinfSection Ndi-Steelhead 132 %windir%\inf\netrass.infThis should reinstall "firewall"I think that you will have the same error .Then Try this The error means "Access is denied".This may happen if the "MpsSvc" account doesn't have the necessary permissions for the related registry keys.For the NT Service\MpsSvc account, it needs permissions for the following keys:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\EpochQuery Value;Set ValueHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicyFull Control;ReadHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicyFull Control;ReadAdd the permission for the account on these registry keys.Here are the steps for the Windows Firewall service:1. In Registry Editor, browse to the key for which you need to add permission.(HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\EpochHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicyHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy)2. Right click the key, and click Permissions.3. Make sure Locations is selected to be the local computer.4. In the "Enter the object names to select field, type "NT SERVICE\mpssvc". Then click Check name.5. Click OK.6. Then select the account which appears in the list, and add the appropriate permission for it.7. When this is done, click OK.It works for me in Vista and Windows 7 and i think that should work on Windows 2008 Server - It's basiclly Vista :)Have fun - Original thread http://www.digitalsupporttech.com/forum/user/viewthread?thread=227

hello martin, thanks for the reply. I ran this commandrundll32 setupapi,InstallHinfSection Ndi-Steelhead 132 %windir%\inf\netrass.infbut nothing happened. Also i already checked that the MpsSvc account has all the necessary permissions for the related reg keys. I have no idea what else to do. regards

Is there any GPOs that may be applyed to the servers with some options for Firewall ?Can you try to Exclude the servers for any GPOs exept the default ones and try to gpupdate /force the GPOs and than start Firewall service ?Have you set any group policies to modify system services?

There's no GPO specified for the firewall settings. Also no policies have been set to modify the system services. The Firewall service is running fine on most of my domain controllers. I'm having this issue on 3 of my DC's only. regards EDIT: The issue is fixed! Even though there were no GPO's modifying the firewall settings, i still ran gpupdate /force and then started the firewall service. This time I was successful. Thanks for all the help! Regards

May i asked how were you able to fixed this problem?i'm having the same problem.thanks

Dear coolice As I mentioned in my previous post, I just ran gpupdate /force on the servers and started the firewall service. It was able to start successfully. You might wanna check that there are no GPO's applied to the server that are intended to modify the Firewall settings. Also make sure that the MpsSvc account has the necesssary permissions on the related registry keys. You may also go through other diagnostic steps mentioned in this thread. Regards

Thanks, Got it fixed... I created a new GPO without the Resultant of Policy, and i moved all my vista and windows 2008 servers. Then Run Gpupdate.Everything's smooth now.Thanks,

Hi coolice, Glad to know that it's fixed. regards