Blog

Windows 2008 R2 Firewall with SQL Server

By default, installing SQL Server 2008 R2 on a brand new Windows Server 2008 R2 server does not open the required Windows Firewall port.  I always wonder why they don't give you the option and install to have MS make the changes for you.  At any rate, MS has a tool to "Fix It" but on my Windows Server 2008 R2 it ran but said it didn't apply to my setup. ???? 

You can of course follow Microsoft's KB articles and manually add the Windows Advanced Firewall rules.  For me, a script to do this was the way to go.  Rolly Perreaux had a great post on setting up SQL and he had the script I've been using to open all SQL ports for my Domain profile on SQL servers.  Here's that script.   

SQL Firewall Ports Script

@echo *** OPENING SQL SERVER PORTS ***
netsh advfirewall firewall add rule name="SQL Server (TCP 1433)" dir=in action=allow protocol=TCP localport=1433 profile=domain
netsh advfirewall firewall add rule name="SQL Admin Connection (TCP 1434)" dir=in action=allow protocol=TCP localport=1434 profile=domain
netsh advfirewall firewall add rule name="SQL Service Broker (TCP 4022)" dir=in action=allow protocol=TCP localport=4022 profile=domain
netsh advfirewall firewall add rule name="SQL Debugger/RPC (TCP 135)" dir=in action=allow protocol=TCP localport=135 profile=domain
netsh advfirewall firewall add rule name="SQL Browser (UDP 1434)" dir=in action=allow protocol=UDP localport=1434 profile=domain

@echo *** OPENING ANALYSIS SERVICES PORTS ***
netsh advfirewall firewall add rule name="Analysis Services (TCP 2383)" dir=in action=allow protocol=TCP localport=2383 profile=domain
netsh advfirewall firewall add rule name="SQL Browser (TCP 2382)" dir=in action=allow protocol=TCP localport=2382 profile=domain

@echo *** OPENING WEB SERVER PORTS ***
netsh advfirewall firewall add rule name="Web Server HTTP (TCP 80)" dir=in action=allow protocol=TCP localport=80 profile=domain
netsh advfirewall firewall add rule name="Web Server SSL (TCP 443)" dir=in action=allow protocol=TCP localport=443 profile=domain

Pause

Enjoy!




SBS 2008 - Cannot connect to the configuration database

After installing the seemingly harmless Security Update for Windows SharePoint Services 3.0 x64(KB9834444) update on a SBS 2008 server, users complained the next day that they couldn't open CompanyWeb.  They would receive the error "Cannot connect to the configuration database."  In short, the fix was to re-run the Configuring Sharepoint Products and Technologies Wizard.  As soon as we kicked that off we received the message that there were new files that needed to be updated so obviously something needed to get upgraded that the Windows Update process didn't handle.  Seems like the kind of thing that should have received a pop-up of some sort during the Windows Update install.

At any rate, re-running the Configuring Sharepoint Products and Technologies Wizard in Administrative Tools fixed the issue.