Shenook
asked on
SUS Server Issue. DC PROMO breaks SUSadmin. Please help.
I know it's not a great idea to host sus servers and dc's on the the same servers but this is a small multi-site network.
On to the question.
I loaded a sus server on the first DC which is also the Global Catalog server. Not that this matters. I logged into susadmin and updated just fine. I have two other servers configured as member server and added the sus client to them also and updated them just fine also and approved all sus updates I wanted to approve. I could access the http://servername/susadmin just fine until I updated both these member servers to domain controllers and from there we cannot access the SUSadmin page anymore.
I'm stuck on what to do on this. Please anyone with any experience on the matter please provide me with any guidance you may have. I'm not well versed in IIS administration so please keep that in mind.
I appreciate any answers you may have. Thanks.
On to the question.
I loaded a sus server on the first DC which is also the Global Catalog server. Not that this matters. I logged into susadmin and updated just fine. I have two other servers configured as member server and added the sus client to them also and updated them just fine also and approved all sus updates I wanted to approve. I could access the http://servername/susadmin just fine until I updated both these member servers to domain controllers and from there we cannot access the SUSadmin page anymore.
I'm stuck on what to do on this. Please anyone with any experience on the matter please provide me with any guidance you may have. I'm not well versed in IIS administration so please keep that in mind.
I appreciate any answers you may have. Thanks.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've even tried from a scratch server again and installed sus client and it worked fine and updated fine. Again when I ran DCPROMO I cannot get to http://servername/susadmin anymore. The funny thing is is that it works on the first domain controller. Could this be a DNS issue and how would i fix this. I added DNS to each DC now but that did not fix it either. Anyone?
Have you tried http://xxx.xxx.xxx.xxx/susadmin rather than server name to eliminate DNS as the problem?
ASKER
Good advice but the ip address did not work either. I know it probably has to do with something IIS related but I can't figure it out.
Make sure the ip to sus is in the exception list i have seen problems occur with IIS on a DC when it isn't.
ASKER
I'll try and check that out 7pm PST and let you guys know and go from there.
Your IIS accounts have probably gone out of sync during the promotion. You can try your luck with the synciwam.vbs script.
Domain Controller Demotion Causes Out-of-Process Applications to Fail
http://support.microsoft.com/?kbid=236007
Synciwam Utility Does Not Function and Generates Error 80110414
http://support.microsoft.com/?kbid=269367
PRB: Configured Identity Is Incorrect for IWAM Account
http://support.microsoft.com/?kbid=297989
Domain Controller Demotion Causes Out-of-Process Applications to Fail
http://support.microsoft.com/?kbid=236007
Synciwam Utility Does Not Function and Generates Error 80110414
http://support.microsoft.com/?kbid=269367
PRB: Configured Identity Is Incorrect for IWAM Account
http://support.microsoft.com/?kbid=297989
ASKER
IWAM solution did not resolve problem and we are not using proxy for this network. Any other suggestions? Please let me know.
ASKER
Is this a DNS issue. What can I do to fix this issue? Should I create local dns for each additional server?
ASKER
I dont' get it. Is there anyone who knows enough about this issue? I research this and some sites say you cannot run a SUS server on a Domain Controller but another site says just the opposite. The sad thing is that I have one server running sus and it IS a domain controller. SOmeone please help.
ASKER
OK reloaded windows 2000 server and added server to domain and it worked fine. Again dcpromo'd server and now Susadmin is NOT accessible again. Is there anyone knowledgeable enough to help out on this issue?
I'm not too familiar with IIS either, but my guess is still that your problems have something to do with the web accounts.
What exactly do you mean with "not accessible"? Page not found, access denied? Are there any errors in the event log?
Have you turned on auditing to see if this is a permissions problem?
Have you tried removing SUS and IIS after the dcpromo, then installing both again?
Then you might want to extend your search to http://www.susserver.com/; there's a forum there especially for the SUS.
SUSserver Forums
http://forums.susserver.com/
What exactly do you mean with "not accessible"? Page not found, access denied? Are there any errors in the event log?
Have you turned on auditing to see if this is a permissions problem?
Have you tried removing SUS and IIS after the dcpromo, then installing both again?
Then you might want to extend your search to http://www.susserver.com/; there's a forum there especially for the SUS.
SUSserver Forums
http://forums.susserver.com/
ASKER
Thanks for replying oBda.
Yes the error is page not found. And I did try removing the sus after DCPROMO but cannot remove IIS without depromoting the domain controller. I did try reinstalling sus thereafter but no dice. I can only have sus working all the way up to the point of being a member server then dcpromo. I cannot pinpoint if it's just an IIS setting or DNS or whatnot. Let me know if you have any other ideas. THank a bunch.
Yes the error is page not found. And I did try removing the sus after DCPROMO but cannot remove IIS without depromoting the domain controller. I did try reinstalling sus thereafter but no dice. I can only have sus working all the way up to the point of being a member server then dcpromo. I cannot pinpoint if it's just an IIS setting or DNS or whatnot. Let me know if you have any other ideas. THank a bunch.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Checking this tonight when power comes back up. IF it works I'll close this out. *crosses Fingers*
ASKER
This issue is still Open havent got back to do this yet.
ASKER
There are valid solutions to problems similar to the one I am having. After a week of troubleshooting and aided help we finally determined that the non-conventional single name domain name was causing issues with IIS, DNS and AD. After renaming after a complete reload all is working fine. Single name domain registry fixes did not remedy issue either.
ASKER
Thanks all for the input it is greatly appreciated.
ASKER