The other weekend I threw in Windows Deployment Services on my test environment.  It worked beautifully.  I didn’t even have to try!


And then I decided lock down the server with the Security Configuration Wizard.  I erred.  I forgot to save the original configuration.  My error.


So my beautifully running WDS suddenly, failed.   Something got “locked down” or service “disabled” in the process.  Enter me jumping up and down yelling magic words at the computer gods.


No errors in the eventlog. Everything seemed to BE right.  The rules on the firewall were enabled.  Remote PXE boots were grabbing an IP address but no sign of a Boot file.

In fact when I cranked up the logging on the Server 2008 firewall, the attempts to pull a PXE boot were getting through.  Nothing blocked.

So…errr…… huh?

In desperation, I removed and reinstalled the instance of WDS.  The logic BEING that in the install, it should re-enable the needed component or service.


Turns out, that worked.  Worked the first time.     No funkiness or reconfiguration needed either.   I ran through the Wizard, choose not to install images and everything was back working the way it was.

Next time I’ll do it again and lock it down on purpose and track the “Before and After”.  I’m placing the odds on a service.


But I did learn one good thing from my stupidity.  Powershell.  If you want to document your list of services and their current state BEFORE you do something dumb like play with your only Production/Test environment WITHOUT backup?

In Powershell run




Will give you a nice CSV file you can edit,view and search in Excel of ALL your services.  So when things go stupid after?  You can run the same command again in Powershell and compare the results SIDE by SIDE.  And probably just re-enable the needed service.


Me dumb dumb, me break own server.  But me fix.


the Energized Tech