[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

IPSEC fails to start after installing SP1 for Windows 2003 on Domain Controller/Global catalog server

Posted on 2005-04-16
17
Medium Priority
?
12,142 Views
Last Modified: 2013-01-23
IPSEC fails to start after installing SP1 for Windows 2003 on Domain Controller/Global catalog server

Eventlog (ID 4292) says:
IPSEC driver has entered block mode.  Ipsec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. To restore full unsecured TCP/IP connectivity, disable the IPSec services, and then restart the computer.  This is event id 4292.  This is a Windows 2003 server machine.

Manually trying to start IPSEC service:
Could not start the IPSEC service
ERROR 2: The system cannot find the file specified.

Also a few Kerberos errors in security log at the same time:
Source security
Event ID 537
Logon process authz
Authentication package Kerberos
Status 0xC000005E

IF I uninstall w2k3 SP1 eveything works again perfectly.
0
Comment
Question by:Christianlawson
  • 3
  • 2
  • 2
  • +9
16 Comments
 
LVL 20

Expert Comment

by:Lazarus
ID: 13799827
Check this link out and see if any of the problems apply to your configuration: http://support.microsoft.com/?scid=kb;en-us;896367&spid=3198
There are a group of known problems with the SP1 update.

You can also do an online scna of your security logs.. that might help: http://www.gfi.com/eventlogscan/
0
 

Author Comment

by:Christianlawson
ID: 13799835
Found the local IP Security policy on this DC was corrupt: https://premier.microsoft.com/default.aspx?scid=kb;en-us;870910

All fine now, never seen this before though
0
 
LVL 20

Expert Comment

by:Lazarus
ID: 13801877
Christianlawson,  Remeber to close the question...
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 12

Expert Comment

by:GinEric
ID: 13803313
Was lasass.exe corrupted?
0
 

Author Comment

by:Christianlawson
ID: 13813844
No the local IP security policy for the machine was corrupted.
0
 
LVL 5

Accepted Solution

by:
Netminder earned 0 total points
ID: 13847967
Closed, 500 points refunded.
Netminder
Site Admin
0
 

Expert Comment

by:poweronedr
ID: 21999913
IPSec Service (if it is not started) blocks all your TCP/IP connections. maybe LASS.EXE is corrupted in C:\Windows\System32, but first try this.
Click on Start
then type:
REGSVR32 polstore.dll

Regards
0
 

Expert Comment

by:djsellin
ID: 22231172
This happened to me too, my server is on sp2, though 4 Microsoft updates were put on before this happened. I found kb912023, deleted the key and ran regsvr32 polstore.dll which fixed the problem.

0
 

Expert Comment

by:satoru_higuma
ID: 22257887
Can anyone help ? I am having exactly the same problem with djsellin after applying monthly critical/security patches for Aug 2008 . Tried to delete regkey and run regsvr32 polstore.dll, but still the problem persists. MY server is Windows 2003 Std SP2. And the server is a member server ,not domain controller.
0
 
LVL 1

Expert Comment

by:deshaw
ID: 26079909
Am stuck up with the same issue. However, I found that it's all happening since polstore.dll registeration getting broken after every reboot and thus IPsec entering Blocked mode during startup and delaying the whole startup and logon process.
Any idea how to make polstore.dll registeration persisting across reboots?
 
0
 

Expert Comment

by:pixelchef
ID: 28474329
poweronedr, thank you for the solution. You solved my problem.
0
 

Expert Comment

by:poweronedr
ID: 28474431
Glad to help!
0
 

Expert Comment

by:Amir4u
ID: 30099546
it solved my problem too ....excellent work
0
 

Expert Comment

by:tsisupport
ID: 32951572
poweronedr, thank you for the solution. Worked great!
0
 

Expert Comment

by:GarethABC
ID: 38809387
excellent helped me too :)
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As the title indicates, I have done this before. It chills me everytime I update the OS on my phone, (http://www.experts-exchange.com/articles/18084/Upgrading-to-Android-5-0-Lollipop.html) because one time I did this and I essentially had a bricked …
I have written articles previously comparing SARDU and YUMI.  I also included a couple of lines about Easy2boot (easy2boot.com).  I have now been using, and enjoying easy2boot as my sole multiboot utility for some years and realize that it deserves …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.
Suggested Courses

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question