mmc questions - Page 1

InteXX

Asked: 2021-05-27 17:53:48 +0800 CST

MMC crash during remote firewall management

1

Using MMC, I'm attempting to remotely manage the Windows Defender Firewall on our Hyper-V Server 2019 instance (no GUI, CLI only). The NetBIOS name is SERVER1.

The Windows Defender Firewall Remote Management rules are enabled:

Name                  : RemoteFwAdmin-In-TCP
DisplayName           : Windows Defender Firewall Remote Management (RPC)
Description           : Inbound rule for the Windows Defender Firewall to be remotely managed via RPC/TCP.
DisplayGroup          : Windows Defender Firewall Remote Management
Group                 : @FirewallAPI.dll,-30002
Enabled               : True
Profile               : Any
Platform              : {}
Direction             : Inbound
Action                : Allow
EdgeTraversalPolicy   : Block
LooseSourceMapping    : False
LocalOnlyMapping      : False
Owner                 : 
PrimaryStatus         : OK
Status                : The rule was parsed successfully from the store. (65536)
EnforcementStatus     : NotApplicable
PolicyStoreSource     : PersistentStore
PolicyStoreSourceType : Local

Name                  : RemoteFwAdmin-RPCSS-In-TCP
DisplayName           : Windows Defender Firewall Remote Management (RPC-EPMAP)
Description           : Inbound rule for the RPCSS service to allow RPC/TCP traffic for the Windows Defender Firewall.
DisplayGroup          : Windows Defender Firewall Remote Management
Group                 : @FirewallAPI.dll,-30002
Enabled               : True
Profile               : Any
Platform              : {}
Direction             : Inbound
Action                : Allow
EdgeTraversalPolicy   : Block
LooseSourceMapping    : False
LocalOnlyMapping      : False
Owner                 : 
PrimaryStatus         : OK
Status                : The rule was parsed successfully from the store. (65536)
EnforcementStatus     : NotApplicable
PolicyStoreSource     : PersistentStore
PolicyStoreSourceType : Local

However, when I click the Inbound Rules node, MMC crashes:

Not that it helps much, but here's the stack trace info:

FX:{b05566ac-fe9c-4368-be02-7a4cbb7cbe11}
Object reference not set to an instance of an object.
System.NullReferenceException
   at Microsoft.WindowsFirewall.SnapIn.Wrappers.FirewallRules.Reload(String[] ruleIdFilter)
   at Microsoft.WindowsFirewall.SnapIn.ExceptionsListView.Refresh()
   at Microsoft.WindowsFirewall.SnapIn.NativeMethods.EnhancedMmcListView`1.ForceRefresh()
   at Microsoft.WindowsFirewall.SnapIn.NativeMethods.EnhancedMmcListView`1.OnShow()
   at Microsoft.ManagementConsole.View.ProcessNotification(Notification notification)
   at Microsoft.ManagementConsole.ViewMessageClient.ProcessNotification(Notification notification)
   at Microsoft.ManagementConsole.Internal.IMessageClient.ProcessNotification(Notification notification)
   at Microsoft.ManagementConsole.Executive.SnapInNotificationOperation.ProcessNotification()
   at Microsoft.ManagementConsole.Executive.Operation.OnThreadTransfer(SimpleOperationCallback callback)

...and here's the Application event log entry:

As expected, the Security and Maintenance control panel is useless for this.

When I try this from another machine on the network, MMC doesn't crash—but the Inbound/Outbound rule lists stay empty. No relevant event log entries are produced there.

How can I track this down and fix it so I can remotely manage the server's firewall?

--UPDATE--

I just now got the MMC crash on the other machine.

elliott94

Asked: 2021-01-01 03:42:43 +0800 CST

If user passwords are set to automatically expire within a Windows domain, does this have an impact on the force password change checkbox within ADUC?

1

Assume the following:

A Windows domain has a policy set to ensure that users must reset their passwords every 90 days
A user account (let's refer to it as "UserA") last changed their password just over 3 months ago, and as a result this policy is triggered for their account - forcing a password change at the next login

In this case, if a domain administrator was to open the "Account" tab within the Properties dialog for UserA, would the "User must change password at next login" checkbox be ticked - or is this setting within ADUC not affected by domain password expiry policies?

CathalMF

Asked: 2020-10-13 02:55:36 +0800 CST

Certificate imported into personal store not appearing in MMC -> Certificates

3

I have a self signed certificate that was generated on a Windows 10 machine using the Powershell command:

New-SelfSignedCertificate -DnsName ServerNameHere -NotAfter (Get-Date).AddYears(20) -FriendlyName "Test API Cert" -CertStoreLocation cert:\LocalMachine\My

I exported this certificate with a private key to a PFX file and transferred this to my old Windows 7 test machine. (I have a legacy customer I am working with who still has some Win7 devices that I need my software to work on)

On the Windows 7 machine I imported the certificate into the Personal store.

I then opened the MMC, added the certificate add in and opened the personal store. It doesnt show the certificate.

Is there some reason that it is not showing here?

trueCamelType

Asked: 2017-01-10 10:12:19 +0800 CST

MMC, Active Directory Users and Computers, why is properties missing most tabs?

2

This question has been asked several times on other forums, but most answers I've found are for Windows 7, Windows Vista, or don't apply to my situation at all.

My issue is that when I go to the Properties section of any object in Active Directory, I get only 5 tabs, shown below:

The most common solution for this seems to be installing Remote Server Administrative Tools. Which I have done, and it is the newest version.

After that, the most common problem seems to be that you have to enable the AD services in Programs and Features, which is done, and shown below:

I have also already enabled the Advanced features. Which adds tabs, but not the missing ones. Just extra ones I don't need.

After this step, I've seen lots of answers for Windows 7 and Vista (It may also apply to 10, I'm not sure), where they copied files name tsuserex.dll and tsuserex.dll.mui from their server, to their local computer. I haven't done this yet, because it seems pretty weird to me. I'm a junior/mid level person in the IT world, but moving around dll's to get some tabs to appear seems odd to me. If that really is the next step I'll do it, but can someone explain to me why I'd need to do that, if that's the case?

I'm more than happy to try anything else though.

Extra Info.

The AD server is Windows Server 2012 Standard
I have also gone through the steps shown here. Which is basically just making sure the Remote Desktop Services - Extensions has the correct checkboxes checked. And it was all as it should be.
To be thorough, the RSAT I downloaded was KB2693643
I have also uninstalled and re-installed the server tools.

user1330287

Asked: 2016-07-17 00:43:24 +0800 CST

DNS - Difference between scavenge and clear cache?

2

Server 2012 R2, DNS Service:

In DNS Manager, what is the functional difference between "Scavenge Stale Resource Records" and "Clear Cache."?

MMC crash during remote firewall management

If user passwords are set to automatically expire within a Windows domain, does this have an impact on the force password change checkbox within ADUC?

Certificate imported into personal store not appearing in MMC -> Certificates

MMC, Active Directory Users and Computers, why is properties missing most tabs?

DNS - Difference between scavenge and clear cache?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?

Questions[mmc](server)