Hi Folks,
I have Windows Fax Server installed on both my Windows Server 2008R2 and my Windows Server 2012R2. Both work perfectly well sending and receiving faxes when I run Window Fax and Scan (wfs.exe) locally, either connected directly to the modem or connected to themselves as fax servers, but neither can connect to the other as a fax server, and the same is true of any of my desktops:
I'm the Fax Administrator and, trust me, I have consulted myself almost to the point of mayhem. Neither threats nor inducements have worked so far.
Since "permissions" is a huge, opaque area, and the list of things I have tried is long, I need a new approach, which is less focused on the specific problem of the fax server and more on permissions problems in general. Is there a way to discover the source of this security violation? What is protected? What are the existing permissions? What is trying to access it? What permissions are necessary?
For example, after many hours of analysis, I still don't know if the problem is on the client or the server. I see no log entries anywhere explaining the security violation. If I stop the Fax Service, then clients complain that there is no Fax Server, so
I am getting as far as trying to connect, but after I re-start the Fax Service, I am right back to my permissions problem, meaning I have learned nothing. Is the client deciding that it can't connect or is the server rejecting the connection? Is there a log
anywhere that can tell me?
So, my question is less about the specifics of the Windows Fax Server, and more about the general question, "How do I debug security violations in a GPO Managed Windows Domain?". This is a problem of opacity that Microsoft has not handled well, but I am not the first person to encounter this and I hope that smarter people than I have prevailed over this and have some worthwhile advice.
Thanks for the help,
Chris.