How To: Open Required Firewall Ports for SQL, for ConfigMgr 2012 Installation

During the installation of ConfigMgr 2012, you may receive a prerequisite check error stating that you need to open the required SQL ports on the Windows firewall. In our environment, we have the Windows Firewall service disabled. Unfortunately, the prerequisite checker still requires these ports to be opened. The script below re-enables and starts the Windows Firewall service, makes the required firewall port changes, and then stops and disables the firewall service. If you just want to make the required firewall changes, simply remove the lines that begin with “sc”.

Paste the following lines into a .bat file:

rem ******************code start******************************

@echo off
rem Set the Windows Firewall service (MpsSvc) to manual start and start it.
rem The space after "start=" is required by sc.
sc config MpsSvc start= demand
sc start MpsSvc

echo. *** OPENING SQL SERVER PORTS IN THE FIREWALL ***
echo. source "http://rperreaux.spaces.live.com/Blog/cns!5D7BD18D324CBEEF!729.entry?wa=wsignin1.0&sa=289774293"
echo.
echo. Note for Named Instances - SQL mirroring - Dynamic Ports and the firewall
echo. see http://msdn.microsoft.com/en-us/library/cc646023(v=SQL.100).aspx#BKMK_programs
echo. You will need to open firewall ports for your mirroring endpoints and possibly dynamic ports
echo.
echo.
rem Each rule below allows inbound traffic on one port, for the domain profile only.
echo. Opening SQL Server TCP 1433
netsh advfirewall firewall add rule name="SQL Server (TCP 1433)" dir=in action=allow protocol=TCP localport=1433 profile=domain
echo.
echo. Opening SQL Admin Connection TCP 1434
netsh advfirewall firewall add rule name="SQL Admin Connection (TCP 1434)" dir=in action=allow protocol=TCP localport=1434 profile=domain
echo.
echo. Opening SQL Service Broker TCP 4022
netsh advfirewall firewall add rule name="SQL Service Broker (TCP 4022)" dir=in action=allow protocol=TCP localport=4022 profile=domain
echo.
echo. Port 135
netsh advfirewall firewall add rule name="SQL Debugger/RPC (TCP 135)" dir=in action=allow protocol=TCP localport=135 profile=domain
echo.
echo. Opening SQL Browser UDP 1434
netsh advfirewall firewall add rule name="SQL Browser (UDP 1434)" dir=in action=allow protocol=UDP localport=1434 profile=domain
echo.
echo. Opening Analysis Services TCP 2383
netsh advfirewall firewall add rule name="Analysis Services (TCP 2383)" dir=in action=allow protocol=TCP localport=2383 profile=domain
echo.
echo. Opening SQL Browser TCP 2382
netsh advfirewall firewall add rule name="SQL Browser (TCP 2382)" dir=in action=allow protocol=TCP localport=2382 profile=domain
echo.
echo. ***Done ***

rem Stop the firewall service again and return it to the disabled state.
sc stop MpsSvc
sc config MpsSvc start= disabled

rem ******************code end******************************

Greg

ramseyg@hotmail.com
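Running the script above a second time adds a second copy of every rule, because netsh allows several rules with the same name. The variant below is an added example, not part of the original post: it creates each of the same seven rules only when no rule with that name exists yet, and it assumes an elevated prompt with the MpsSvc service running (the `:EnsureRule` label and `rc` variable are names chosen for this example).

```batch
@echo off
rem Added example, not from the original post: idempotent rule creation.
rem Assumes an elevated prompt and a running Windows Firewall service (MpsSvc).
set "rc=0"

call :EnsureRule "SQL Server (TCP 1433)" TCP 1433 || set "rc=1"
call :EnsureRule "SQL Admin Connection (TCP 1434)" TCP 1434 || set "rc=1"
call :EnsureRule "SQL Service Broker (TCP 4022)" TCP 4022 || set "rc=1"
call :EnsureRule "SQL Debugger/RPC (TCP 135)" TCP 135 || set "rc=1"
call :EnsureRule "SQL Browser (UDP 1434)" UDP 1434 || set "rc=1"
call :EnsureRule "Analysis Services (TCP 2383)" TCP 2383 || set "rc=1"
call :EnsureRule "SQL Browser (TCP 2382)" TCP 2382 || set "rc=1"

rem Exit code 1 means at least one rule could not be created.
exit /b %rc%

:EnsureRule
rem %1 = rule name (keep it quoted), %2 = protocol, %3 = local port.
rem "show rule" sets errorlevel 1 when no rule with that name exists.
rem It matches on name only, so an unrelated rule with the same name also counts.
netsh advfirewall firewall show rule name=%1 >nul 2>&1
if not errorlevel 1 (
    rem %1 stays quoted here: the ")" in the rule name would otherwise close this block.
    echo [skip] %1 already exists
    exit /b 0
)
netsh advfirewall firewall add rule name=%1 dir=in action=allow protocol=%2 localport=%3 profile=domain >nul
if errorlevel 1 (
    echo [FAIL] could not add %1
    exit /b 1
)
echo [ok]   added %1
exit /b 0
```

To keep the original behaviour of leaving the firewall service disabled, place the `sc` lines from the script above around this block.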

Proof of Concept Jumpstart Kit v3.0 available for download

I evaluated version 2.0, and must admit, I was impressed. This is a great learning tool – take a look at the links below to see all the products that are covered (MDT, App-V, Win7, just to name a few.)

About the PoC Jumpstart Kit v3.0:

This self-contained, self-service kit will help you complete a Proof-of-Concept (PoC) at your organization, allowing you to quickly evaluate the new Microsoft desktop technologies, including Windows 7 SP1, Office 2010 Pro Plus, Internet Explorer 9, and Application Virtualization with Microsoft Desktop Optimization Pack technology App-V. It will also familiarize you with some of the important deployment tools provided by Microsoft to assist with your broader deployment efforts. This PoC is not meant to be a comprehensive training mechanism but rather an introductory set of modules to familiarize you with tools and technologies.

Once you’ve downloaded it, you’ll find a decent amount of documentation presented in a “self-paced lab” format. Very handy to walk through.

Download v3.0: http://www.microsoft.com/download/en/details.aspx?displaylang=en&id=1834

Visit the PoC Jumpstart home page: http://technet.microsoft.com/en-us/windows/ff603537.aspx

Greg