XP SP2에서 SMS admin콘솔이용하기

.

XP를 SP2로 업그레이드하면.. SMS(System Management Server)관리콘솔을
이용할수없게된다. Tree만 보이지 Tree의 item들을 볼수없게되는 것이다.
이를 해결하기위한 방법이다.

[#M_ 원인(CAUSE)
because of the configuration of Windows Firewall. more.. | 원인(CAUSE) less.. |
because of the configuration of Windows Firewall.
When the Don’t allow exceptions check box is selected,
the SMS Administrator console cannot connect to any SMS site database.
If Windows Firewall is turned on, and no exceptions are defined,
the SMS Administrator console cannot display all the items in the console tree.
This is the default setting. _M#]
[#M_ 해결책(RESOLUTION)
To resolve this issue, follow these steps: more.. |해결책(RESOLUTION) less.. |
To resolve this issue, follow these steps:

  1. Click Start, click Control Panel, and then click Windows Firewall.
  2. On the General tab, make sure that Windows Firewall is turned on, and that the Don’t allow exceptions setting is not selected.
  3. On the Exceptions tab, click Add Program.
  4. Click the Browse button, and then open the following file:

    %WINDIR%System32WbemUnsecapp.exe

    If you have to define the scope, click Change scope, and then click OK.
  5. In the Programs and Services list, click to select the Unsecapp.exe check box.
  6. Click the Add Port button.
  7. Type 135 in the Port number box, make sure that TCP is selected, and then type a name for the exception in the Name box.

    If you have to define the scope, click Change scope, and then click OK.
  8. In the Programs and Services list, click to select the check box for the exception that you added in step 7.
  9. Click OK.
Sometimes, adding these exceptions to Windows Firewall may not resolve the issue. You may also have to set anonymous remote access rights in DCOM or modify the local security policy settings for the client computer. Do not make these changes unless adding Unsecapp.exe and TCP port 135 to the exceptions list does not resolve the issue.

Warning This workaround may make your computer or your network more vulnerable to attack by malicious users or by malicious software such as viruses. Microsoft does not recommend this workaround but is providing this information so that you can choose to implement this workaround at your own discretion. Use this workaround at your own risk.
To set anonymous remote access rights in DCOM, follow these steps:
  1. Click Start, click Run, and then type dcomcnfg.exe in the Open box.
  2. Locate the Console root node, expand Component Services, expand Computers, and then click My Computer.
  3. Right-click My Computer, and then click Properties.
  4. In My Computer Properties, click the COM Security tab.
  5. In Access Permissions, click Edit Limits.
  6. Click ANONYMOUS LOGON.
  7. In Permissions for ANONYMOUS LOGON, click to select the Allow setting for Remote Access.
  8. Click OK two times.
You can modify the local security policy settings locally or by using Group Policy. For more information about how to use Group Policy, see the “References” section. To modify the policy settings locally, follow these steps.

Note Local policy settings may be overridden by domain policy settings.
  1. Click Start, click Run, and then type Secpol.msc in the Open box.
  2. Expand Local Policies, and then click Security Options.
  3. Locate and then right-click Network Access: Let Everyone permissions apply to anonymous users.
  4. Click Properties.
  5. Click Enabled, and then click OK.
_M#]
[#M_   참고자료(REFERENCES) more.. | 참고자료(REFERENCES) less.. |
For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:

317872 Troubleshooting SMS Administrator console connectivity


278259 Everyone group does not include anonymous security identifier

To view a list of frequently asked questions about Microsoft Systems Management Server 2003 clients, visit the following Microsoft Web site:

http://www.microsoft.com/technet/prodtechnol/sms/sms2003/techfaq/tfaq03.mspx

To view a complete list of Group Policy settings, visit the following Microsoft Web site:

http://go.microsoft.com/fwlink/?linkid=23277