Our Windows server 2008 R2 domain controller does not appear to be logging anything into the windows firewall log: c:\windows\system32\logfiles\firewall\pfirewall.log. The file is always blank. Every 2003 server and 2008 R2 non-dc work fine.
I'm a little stumped. The firewalls are configured via GPO's and appear to be applied ok.
I compared the 2003 and 2008 configuration and did notice one discrepancy:
The 2003 windows firewall service runs as the local system account. It's effective permissions to the pfirewall.log file is "full control"
However, the 2008 firewall service runs as "LOCAL SERVICE". This account has read-only permissions to the pfirewall.log file.
I haven't changed anything as this is a production server. I was hoping for some guidance before I start changing default settings. Any ideas why the pfirewall.log file is always blank?
Thanks!