|
Posted by Steven L Umbach on July 30, 2006, 8:30 pm
If you were Registered and logged in, you could reply and use other advanced thread options
The fact that you noticed lots of errors for services at startup leads me to
believe something went wrong with the upgrade to R2 and there may not be an
easy fix. You might also consider leaving just one network adapter in the
server. In general you want to avoid having a multihomed domain controller.
If you have not done so yet run the latest support tools netdiag and dcdiag
on that domain controller to see what problems, if any, are reported. Verify
that the tcp/ip configuration is correct [which should be static] including
DNS, subnet, and default gateway and compare to functioning domain
controller with the command ipconfig /all. You may also want to cross post
in the server general and networking newsgroups as your problem is not
really security related and you are more likely to get helpful responses in
the appropriate newsgroups.
Steve
> Morning to all -
>
> I just spent the last 6 hours with dell gold software support team trying
> to
> figure out the following occurrence:
>
> The upgraded R2 DC does not accept incoming connections, but it appears it
> accepts certain connections. Particularly those related to directory
> services.
>
> e.g. telnet server ip 389 from the mail server works. \serverip or
> servername brings up the shared printers and folders perfectly.
>
> outbound traffic and icmp works fine, inbound icmp returns a time out.
>
> scenario:
>
> Windows 2000 SP4 DC in-place upgrade to windows 2003 SP1 then upgrade to
> R2.
> connections to and from box were fine on 2003 sp1.
> downgraded NIC drivers to match other r2 DC on identical server
> hardware/model
> installed new nic drivers and proset
> upgraded to R2.
> rebooted and noticed a ton of errors with services hanging upon boot.
> checked connection to the box from workstations and servers, but all
> requests
> timed out.
> i made sure ICF was disabled.
> i disabled IPSEC and entered dword value for ProhibitIpSec - nothing
> i then enabled ICF configured exceptions - explicitly allowing ICMP, and
> still nothing.
> reset the TCP/ip stack and winsock using netsh, nothing
> servers has two nics, one of which is disabled. changed binding order so
> active is on top -- nothing
> reinstalled the binaries of windows 2003 sp1 and upgraded to r2 again --
> nothing.
>
> i'm at a lost of ideas and sure could use the vast resources the
> contributors
> of this group may have or know of.
>
> **To make matters even more confusing, workstations located outside of
> this
> main office site that are connected via ipsec vpn can ping this server!!!
>
> The bad part it may not be blocking just ICMP.
>
> --
> ---
> I do what i got to do in order to do what i want to do...
>
> Message posted via WinServerKB.com
> http://www.winserverkb.com/Uwe/Forums.aspx/windows-security/200607/1
>
| 
XML site map