sylvain_langlois
asked on
Windows server 2003 does not communicate with network
Hello,
After installing Service Pack 1 on my Windows Server 2003, the server does not communicate anymore with the rest of my network. This server is a DC. Here's what happens:
During the startup process, the server is "pingable" for a short period of time. Then, there's a window that pops-up saying that "At least one service or driver failed during system startup. Use event viewer to examine the event log for details." At that point, the server acts like it's offline.
I checked the device manager and my network card status is ok. Windows even tells me that the card is connected to the network. Pinging 127.0.0.1 works.
After examining the event viewer, here's what I found:
Event ID: 4292
Source: IPSec
Type: Error
Description: The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. User Action: To restore full unsecured TCP/IP connectivity, disable the IPSec services, and the restart the computer. For detailed troubleshooting information, review the events in the Security event log.
Event ID: 7023
Source: Service Control Manager
Type: Error
Description: The IPSEC Services service terminated with the following error: The system cannot find the file specified.
When I look in the services window, I see that the IPSEC Services is stopped. When I try to start it, I get a pop-up saying "Could not start the IPSEC Services service on Local Computer. Error 2: The system cannot find the file specified."
I don't want to disable the IPSec services as suggested in the first error description. I have another Windows Server 2003 SP1 (another DC), and the IPSec service is working fine.
I tried to remove the NIC from the device manager and I rebooted to reinstall it. I tried rebuilding the TCP/IP stack (netsh int ip reset). I tried repairing Winsock (netsh winsock reset). I tried scanning the Windows protected file (sfc /scannow). The only thing that kinda solved my problem was uninstalling SP1. Of course, that is not really an option...
Thanks for your help!
Syl
After installing Service Pack 1 on my Windows Server 2003, the server does not communicate anymore with the rest of my network. This server is a DC. Here's what happens:
During the startup process, the server is "pingable" for a short period of time. Then, there's a window that pops-up saying that "At least one service or driver failed during system startup. Use event viewer to examine the event log for details." At that point, the server acts like it's offline.
I checked the device manager and my network card status is ok. Windows even tells me that the card is connected to the network. Pinging 127.0.0.1 works.
After examining the event viewer, here's what I found:
Event ID: 4292
Source: IPSec
Type: Error
Description: The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. User Action: To restore full unsecured TCP/IP connectivity, disable the IPSec services, and the restart the computer. For detailed troubleshooting information, review the events in the Security event log.
Event ID: 7023
Source: Service Control Manager
Type: Error
Description: The IPSEC Services service terminated with the following error: The system cannot find the file specified.
When I look in the services window, I see that the IPSEC Services is stopped. When I try to start it, I get a pop-up saying "Could not start the IPSEC Services service on Local Computer. Error 2: The system cannot find the file specified."
I don't want to disable the IPSec services as suggested in the first error description. I have another Windows Server 2003 SP1 (another DC), and the IPSec service is working fine.
I tried to remove the NIC from the device manager and I rebooted to reinstall it. I tried rebuilding the TCP/IP stack (netsh int ip reset). I tried repairing Winsock (netsh winsock reset). I tried scanning the Windows protected file (sfc /scannow). The only thing that kinda solved my problem was uninstalling SP1. Of course, that is not really an option...
Thanks for your help!
Syl
ASKER
Hello,
1- Windows Firewall is off
2- I didn't see any Security Wizard... How would I run it?
3- It is statis and, yes, it can ping its own network IP address
4- This server does not run ISA...
Thanks for your help!
Syl
1- Windows Firewall is off
2- I didn't see any Security Wizard... How would I run it?
3- It is statis and, yes, it can ping its own network IP address
4- This server does not run ISA...
Thanks for your help!
Syl
If you use powerchute, disable the PBE agent in SAFE MODE and upgrade it to v7. The java certificate in the old java runtime engine died 7/27/2005. -gsgi
it seems that at least one of the IPSEC related files of W2K3 missed or corrupt after SP1 installed. is the order of the above-mentioned events just the order appears in windows event log? any more related items in your windows event logs?
ASKER
gsgi: powerchute is not installed on that computer.
bbao: the event ID 4292 appears first, then the 7023. They appear in the System event log. I checked the application log, there are 3 errors, they appear between the event 4292 and 7023.
First...
Event ID: 1097
Source: Userenv
Type: Error
Description: Windows cannot find the machine account. No authority could be contacted for authentication.
Then...
Event ID: 1030
Source: Userenv
Type: Error
Description: Windows cannot query the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.
Finally...
Event ID: 1054
Source: Userenv
Type: Error
Description: Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted). Group policy precessing aborted.
Thanks for you help!
Syl
I listed these as I thought of them, maybe check 3, then 5, then 4, then 1, then 2. sorry - gsgi
1. You might try http://www.spychecker.com/program/winsockxpfix.html
2. You might try uninstalling sp1 and reinstalling sp1
3. It is possible that it is a simple as you nic came up disabled in network settings
4. It is possible that sp1 loaded a new driver for your nic - can you run nic utils
5. This usenet article says to add "Client for Microsoft Network"
http://groups-beta.google.com/group/microsoft.public.windowsxp.security_admin/browse_thread/thread/4a9080f7d99c8fb4/a1efdeb3ce2b119a?lnk=st&q=Could+not+start+the+IPSEC+Services+7023&rnum=7&hl=en#a1efdeb3ce2b119a
1. You might try http://www.spychecker.com/program/winsockxpfix.html
2. You might try uninstalling sp1 and reinstalling sp1
3. It is possible that it is a simple as you nic came up disabled in network settings
4. It is possible that sp1 loaded a new driver for your nic - can you run nic utils
5. This usenet article says to add "Client for Microsoft Network"
http://groups-beta.google.com/group/microsoft.public.windowsxp.security_admin/browse_thread/thread/4a9080f7d99c8fb4/a1efdeb3ce2b119a?lnk=st&q=Could+not+start+the+IPSEC+Services+7023&rnum=7&hl=en#a1efdeb3ce2b119a
ASKER
gsgi:
1: After running this utility and rebooting, the problem is still there
2: I did uninstall and reinstall SP1 and the problem is still there
3: My nic is enabled in the network settings
4: I reinstalled my old nic driver (even though SP1 didn't replace it) and the problem is still there
5: "Client for Microsoft Network" is already installed
1: After running this utility and rebooting, the problem is still there
2: I did uninstall and reinstall SP1 and the problem is still there
3: My nic is enabled in the network settings
4: I reinstalled my old nic driver (even though SP1 didn't replace it) and the problem is still there
5: "Client for Microsoft Network" is already installed
After doing #1 you have to reset all your networking ips, advanced TCPIP, etc. I know you know this but I just have to be sure that you put the ip and stuff back in.
The server is still not communicating on the network at all?
does ipconfig /all from a command window say stuff or error out?
-gsgi
The server is still not communicating on the network at all?
does ipconfig /all from a command window say stuff or error out?
-gsgi
ASKER
gsgi: I didn't need to put the ips back, it was still there. The server does not communicate at all. I tried to start the IPSEC services and I got the same error message.
ipconfig /all gives me the normal response, no error message there.
ipconfig /all gives me the normal response, no error message there.
do you have network connectivity from safe mode with networking.
can you make a list of running services on the dc that is working and compare it to this one?
have you recently uninstalled a firewall or anti virus program?
-gsgi
can you make a list of running services on the dc that is working and compare it to this one?
have you recently uninstalled a firewall or anti virus program?
-gsgi
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
gsgi: Awesome! The solution at the end of the problem you posted did it. Didn't have the registry key but registering the .DLL solved the problem.
Thanks a lot!
Syl
Thanks a lot!
Syl
1) Sp1 has a Windows firewall, just like XP SP2, please make sure it's still OFF, should be by default, but check anyway.
2) Have you run the Security Wizard that comes with SP1?
3) You mentioned you could ping 127.0.0.1, can you ping its own network IP address? May I assume this is a static IP? If it's DHCP assigned, you should really but the DC as a static IMHO.
4) I've read about issues with 2003 SP1 and ISA server issues. Do you run ISA on this host?