1. Diagnostic Policy
Service fails with Access Denied
Solution:
· Navigate to the following key:
HKLM\System\CurrentControlSet\Control\WDI\Config
· Grant full permission to the ‘NT Service\DPS’ account
on the key.
Note: This is a Local account and not on domain. You need
to change the location from domain to local while searching for the accounts.
2. Firewall service fail to
start with Error Code 5
Run Procmon.exe and you would notice access denied logs
on the following keys:
HKLM\System\CurrentControlSet\Services\SharedAccess\Epoch
HKLM\System\CurrentControlSet\Services\SharedAccess\Epoch2
Solution:
· Navigate to the keys and grant full permission to the
following accounts:
NT Service\MPSSVC and NT Authority\Network Service
Note: These are Local accounts and not on domain. You
need to change the location from domain to local while searching for the
accounts.
· Start the Firewall Service. It should start
successfully.
3. Windows Event Log
service fail to start with Access Denied error
Again, Procmon.exe shows that we have access denied on
C:\Windows\System32\WinEvt folder.
Solution:
· Navigate to the above mention folder and edit
permissions
· Grant full permission to the local account NT
Service\EventLog
Note: These are Local accounts and not on domain. You
need to change the location from domain to local while searching for the
accounts.
4. Multiple Services fail
to start with dependency failure error
or Access denied while
starting Base Filtering Service
Multiple Services on Windows 2008 R2 fail to start with
dependency failure error. The following services fail to start:
IPsec Policy Agent (PolicyAgent)
Windows Firewall
IKE and AuthIP IPsec Keying Modules
Internet Connection Sharing (ICS)
Routing and Remote Access
Windows Firewall
IKE and AuthIP IPsec Keying Modules
Internet Connection Sharing (ICS)
Routing and Remote Access
Reason: These services are directly or indirectly
dependent on Base Filterning Agent service, which is failing with Access Denied
Error. We need to fix Base Filtering Agent first.
Solution:
· Navigate to the following registry key:
HKLM\System\CurrentControlSet\Services\BFE
· Grant full permission to the NT Service\BFE account
on the above mentioned key.
· Also ensure that the following subkey is inheriting
permission for BFE account:
HKLM\System\CurrentControlSet\Services\BFE\Parameters\Policy\Persistent
No comments:
Post a Comment