Firewall, SQL and ICT Alive
I have spoken to RM who have not been able to help with this. It is not a CC3 or CC4 network, just a straight Microsoft network.
Essentially the Server 2008 R2 firewall is blocking pupils but not admins. This is not due to firewall permissions or NTFS permissions as far as I can work out. No NAT is being done, the clients and server are all on the same logical/physical network.
New Server 2008 R2 Domain Controller with Firewall enabled as default.
Rebuilt XP Pro SP3 Clients with ICT Alive 1.8 installed.
Server 2008 R2 firewall enabled with an inbound exception rule for Domain and Public profiles, that does not require a secure connection (IPsec) allowing access to:
%Program Files% (x86)\Microsoft SQL Server\MSSQL$LEARNINGALIVE\Binn\Sqlservr.exe
This is as the RM technical document, (TEC108540) says it should be set.
If logged in as a Pupil, ICT Alive will work only if:
The Server's Firewall is disabled. Tested by trying ICT Alive with it on - fails. Turn firewall off on Server, run ICT Alive again straight after failing an it works.
If logged in as an admin account ICT Alive will work if:
The Server's Firewall is disabled.
The above SQL server instance rule is enabled and the Server's Firewall is enabled.
ICT Alive will not work for a Pupil if:
The Server's Firewall is enabled and the SQL server instance rule is enabled, but it will work for an admin account.
ICT Alive will not work for a Pupil or Admin if:
The SQL server instance rule is disabled but the Server's Firewall is ebabled, indicating that it is nothing to do with NTFS permissions.
Disabling the firewall allows ICT Alive to work but is not an option.
Checked all NTFS permissions for ICT Alive on both the Server and Client machines and the SQL Instance, all are as they should be. RM gives "Everyone" full access on the client machines to the C:\Program Files\Research Machines\LA folder. the per
Disabled the Client machine firewall, no effect.
Added RM's suggested website's to the proxy exception list, no effect.
Ran RM's ICT Alive health check as both Admin and Pupil, it states all ok regardless of firewall state.
Set the SQL instance firewall rule to use "secure connections" only and added "authenticated users" to both the Computers and Users tabs. However as the "secure connections" only requires IPsec to function and it is not configure this was pointless.
I've run out of idears as to what else I can do. All suggestions/questions welcome.