Solved

Exchange 2003 w SP2 not functioning due to DEP error messages, also event ID 7004 and 7010

Posted on 2007-04-03
15
1,400 Views
Last Modified: 2013-12-04
I'm on a Windows 2003 server with SP2,  Exchange 2003 standard w SP2, Symantec Enterprise and GFI Mail essentials. Today we started having problems with the server not sending or receiving email. When I logged onto the server the DEP (Data Execution Protection). I upgraded the server to W2K3 SP2 in an attempt to resolve the issue. However, as soon as rebooted and logged back in I started receiving error messages that the IIS worker process failed to start. The DEP settings are currently set to on for all programs and services except those I select. The following are selected: autdlsvc, IIS worker process, Internet Information Services.
Not long after the restart the exchange went down again with the error that the Exchange system manager failed to retrievce queues for the SMTP Virtual Server (error code= 0x800706D9). I've also checked the event logs, and I've two different event IDs that seem to relate to my current problem. After looking into those events, I updated the NIC drivers to the most current verision, ran diagnostics on the nics without errors, and rebooted again. The same issues occurred again. Any help would be greatly appreciated. Thanks.
0
Comment
Question by:bvcorson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
15 Comments
 

Author Comment

by:bvcorson
ID: 18846918
This same issue is also occurring at several other client sites with some variations. The constants have been IIS worker process error messages, and email problems.
0
 
LVL 11

Expert Comment

by:AnthonyP9618
ID: 18847435
Did anything else change before you upgraded to SP2?  No recent driver changes, anything at all?

Well.. it seems apparent that the SP2 install seems to have messed up IIS.  So, now you have 2 problems...

Have you tried removing SP2 and refocusing on the initial issue?
0
 

Author Comment

by:bvcorson
ID: 18848020
The problem with IIS was prior to the SP2 install. The initial DEP message was blocking IIS, then after I modified DEP, I started getting the IIS worker process error. This is going on on another clients 2003 server with SP1 as well. Other than these items, there haven't been any recent driver changes or patches installed.
0
Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

 
LVL 27

Expert Comment

by:Tolomir
ID: 18848036
You might want to try this:

http://www.myagent.dk/2006/06/03/iis-6-worker-process-is-evil/

The solution: in your boot.ini put "/noexecute=AlwaysOff"
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 18848045
See also:

http://www.tek-tips.com/viewthread.cfm?qid=1333388

DEP is most useful on systems that web browsing is run on and on which 3rd party apps are regularly installed. If your system is respected as a server and a DC, I would trade DEP for IIS stability by disabling DEP.

To do this:

Get Properties on My Computer -> Advanced -> Startup & recovery -> Setting -> Edit and change the /NoExecute setting to /NoExecute=AlwaysOff

The change will apply after a reboot.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 18848059
On tek-tips they blame IE 7 for the culprit:

"IE7 was the culprit. I uninstalled it and ever since I had no trouble."

Tolomir
0
 

Author Comment

by:bvcorson
ID: 18848065
I think that this will probably work, but then aren't I opening up the server to malicious programs taking advantage of turning the service off.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 18848089
No, since you know what programs are installed on the server.

Don't you?

Tolomir
0
 

Author Comment

by:bvcorson
ID: 18848093
I'll give it a shot.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 18848102
DEP is no general intrusion prevention. One has to install or execute the intruder.

It's rather designed to block attempts of programs to get higher permissions than windoes/the user intends.

Please take a look at http://support.microsoft.com/kb/875352 for details.

As it seems some program maybe really IE 7 is triggering DEP. You might want to deinstall the browser and check again.

Tolomir  
0
 

Author Comment

by:bvcorson
ID: 18848120
IE7 was never installed.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 18848189
Take a look at:

http://support.microsoft.com/kb/843106

How to troubleshoot the "504 need to authenticate first" SMTP protocol error

Event Type: Error
Event Source: MSExchangeTransport
Event Category: SMTP Protocol
Event ID: 7004

Date: 1/13/2004
Time: 5:23:43 PM
User: N/A
Computer: COMPUTERNAME
Description: This is an SMTP protocol error log for virtual server ID 1, connection #29. The remote host "E2k3server1.contoso.com", responded to the SMTP command "xexch50" with "504 Need to authenticate first ". The full command sent was "XEXCH50 2336 3 ". This will probably cause the connection to fail.

Event Type: Error
Event Source: MSExchangeTransport
Event Category: SMTP Protocol
Event ID: 7010
Date: 1/13/2004
Time: 5:43:49 PM
User: N/A Computer: COMPUTERNAME
Description: This is an SMTP protocol log for virtual server ID 1, connection #30. The client at "6.5.2.4" sent a "xexch50" command, and the SMTP server responded with "504 Need to authenticate first ". The full command sent was "xexch50 1092 2". This will probably cause the connection to fail. These events indicate that the XEXCH50 protocol sink fired, but the exchange of the blobs failed between the servers listed in the events.


Does that fit for you? Check the link for a possible solution.

Tolomir
0
 
LVL 1

Accepted Solution

by:
twfrost earned 500 total points
ID: 19154683
I think I have the fix - Upgrade your GFI Mail Essentials version 12 to the latest 2007 build.  Once I reinstalled mine that seemed to fix the issue.

Here are my specs.
Windows 2003 Server Std sp1 -when issue started - upgraded to SP2
Exchange Server 2003 Std SP2
GFI Mail Essentials 12
Symantec Mail Security

I previously tried running Windows 2003 SP2, ran AV and MRT scans, Stopped the DEP using /NoExecute/AlwaysOff switch in boot.ini, Uninstalled IE7.  None of these stopped the IIS (inetinfo.exe) from stopping and restarting and thus stopping and starting my SMTP service for Exchange.

Terry
0
 
LVL 71

Expert Comment

by:Chris Dent
ID: 19708193

No comment has been added to this question in more than 21 days, so it is now classified as abandoned.

I will leave the following recommendation for this question in the Cleanup Zone:
ACCEPT: twfrost {19154683}

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

Chris-Dent
Experts Exchange Cleanup Volunteer
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
The purpose of this video is to demonstrate how to set up an account with Mailchimp. This will be demonstrated using a Windows 8 PC. Tools Used are: Mailchimp.com Go to Mailchimp.com : Enter an Email, Username, and Password. Click Create My Acco…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question