• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 808
  • Last Modified:

SBS2003R2 Cannot join workstations, RPC errors (ISA2004 SP3, SBS SP2)

Greetings SBSers,
I'm installing my latest SBS2003R2 box (HP ML350G5) and all was well until I tried to join a Workstation to the domain. Workstation is a new HP DX2300 dual core box with XP, only thing I have done is uninstall Norton AV and Office 2007. SBS2003R2 has SP2 and ISA2004 SP3. ISA2004 IS running so I'm not suspecting any of the related SBS2003 SP2 problems (unless told otherwise)

If I try to connect using http://servername/connectcomputer I get "Page cannot be displayed" and "Cannot find Server or DNS error". I can resolve the server name using ping -a and nslookup. I did try to join the domain manually (just to see what happened, I know the wizzards are important) and I got an RPC call failoed message.

I've looked up various boards but can't get any usefull info. I have seen that there si some issue with an RPC filter in ISA2004 relating to the above SP application order. I can't find the RPC filter in ISA either on this box or on my operational unit.

Can anyone tell me how move forward I was supposed to be delivering this today but now its a late night sort out. I'll be eternally gratefull. Below are my config /all captures for both Server and work station.

SERVER
Windows IP Configuration

   Host Name . . . . . . . . . . . . : XXXX2003
   Primary Dns Suffix  . . . . . . . : XXXXDOMAIN.local
   Node Type . . . . . . . . . . . . : Unknown
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : Yes
   DNS Suffix Search List. . . . . . : XXXXDOMAIN.local

Ethernet adapter Internal:
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP NC373i Multifunction Gigabit Server Adapter
   Physical Address. . . . . . . . . : 00-1B-78-CB-61-4A
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.16.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 192.168.16.2
   Primary WINS Server . . . . . . . : 192.168.16.2

Ethernet adapter External:
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP NC110T PCIe Gigabit Server Adapter
   Physical Address. . . . . . . . . : 00-18-71-EA-63-87
   DHCP Enabled. . . . . . . . . . . : No
   IP Address. . . . . . . . . . . . : 192.168.100.250
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.100.254
   DNS Servers . . . . . . . . . . . : 192.168.16.2
   Primary WINS Server . . . . . . . : 192.168.16.2
   NetBIOS over Tcpip. . . . . . . . : Disabled


WORKSTATION
Windows IP Configuration
        Host Name . . . . . . . . . . . . : XXXX-WXPP0003
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Hybrid
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : XXXXDOMAIN.local

Ethernet adapter Local Area Connection:
        Connection-specific DNS Suffix  . : XXXXDOMAIN.local
        Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection
        Physical Address. . . . . . . . . : 00-19-DB-89-16-91
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.16.20
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.16.2
        DHCP Server . . . . . . . . . . . : 192.168.16.2
        DNS Servers . . . . . . . . . . . : 192.168.16.2
        Primary WINS Server . . . . . . . : 192.168.16.2
        Lease Obtained. . . . . . . . . . : 26 July 2007 09:36:38
        Lease Expires . . . . . . . . . . : 03 August 2007 09:36:38


Hope someone is tuned in to thsi this evening . . .cheers
Trev.
0
TrevorWhite
Asked:
TrevorWhite
  • 10
  • 9
  • 2
1 Solution
 
Keith AlabasterCommented:
Have you rerun the ceicw wizard since installing ISA server?
0
 
Keith AlabasterCommented:
Are these new work stations or machines from a previous install? Has the original proxy settings been removed?
0
 
TrevorWhiteAuthor Commented:
Hi kieth,
I have been dealing with a single workstation which is (as mentioned above) a new machine.
There are no proxy settings entered ('tis virgin IE7). Have run the CEICW numerous times as I'm aware it does black magic !!!

Still having the same prob. Have you experienced this anywhere ???

Cheers
Trevor
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Keith AlabasterCommented:
Not on R2, no.

I asume you can ping everything and basic continuity is worrking OK?
If you open the ISA gui, select monitoring - logging - click start query
When you try to run the connectcomputer wizard on the client browser, do you see the entries in the ISA log?

0
 
TrevorWhiteAuthor Commented:
Yes, as I mentioned I can ping and do nslookup OK
have just tried your diagnostic and I see traffic through the ISA . . . nice tool never used it before.
I just put a filter on it to see just the client IP stuff (192.168.16.20) I see an HTTP conection initiated and then closed. There are probably other activities inbetween but were filtered.

What should I see here ????
0
 
Keith AlabasterCommented:
Should see a response also back to the requesting client.
The rpc filter is found (by the way) in configuration - add-ons - I think it is under the application filters as I recall but this is not your issue here.

What rules are now in the isa firewall policy?
0
 
TrevorWhiteAuthor Commented:
Taking the filter off and watching the traffic I see unidentified TCP traffic on port 1186  . . .connection denied. Just got your next comment . . .
0
 
Keith AlabasterCommented:
Literally, just as a test
create a new access rule to allow all outbound traffic from internal & local host TO internal & local host.

Put this rule at the top - this will show if ISA is your issue or if something else is being naughty....
0
 
TrevorWhiteAuthor Commented:
Only the standard rules as per wizards and all. I have added just one protocal and a an associuated rule to publish a pcanywhere server (which I use for remote connections) Standard ports 5631 and 5632 inbound/recieve. Interestingly this feature is not working either, the config is the same as many other boxes I have put together but the host just says 'user trying to log on . . .' and gets no further.
I had put the issue aside but thought I'd mention now in case constructive.

Next from you just arrived . . . Thansk for your time so far much appreciated
Trev.
0
 
Keith AlabasterCommented:
No sweat - only 10.30PM - Another 20 minutes or so before i hit the sack :)
0
 
TrevorWhiteAuthor Commented:
Acces rule or server pub ???
0
 
Keith AlabasterCommented:
Access rule.

Access rules are for outbound traffic arriving/leaving through the internal interface. Publishing is for inbound through the external interface.
0
 
Keith AlabasterCommented:
As this is staying internal it is an access rule as the traffic will never hit the external interface
0
 
TrevorWhiteAuthor Commented:
Sorry about the last stupid Q trying to work too fats.
Set up rule, placed at loc 1 and applied same.
Tried to connectcomputer . . but no go same as before.

Hmmmm
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
This is a known problem caused when Server 2003 SP2 has been installed.  

It's most often fixed by applying the fix from this KB Article:  http://support.microsoft.com/default.aspx/kb/936594

But if that's not it, checkout the section on "Networking issues after installing SP2" at http://sbsurl.com/sp2

Jeff
TechSoEasy
0
 
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Oh, one other thing... remove the WINS server entry on your EXTERNAL NIC.  That shouldn't be there.  After doing that you must rerun the Configure Email and Internet Connection Wizard (CEICW -- linked as "Connect to the Internet on the To-Do list in the Server Management Console)


Jeff
TechSoEasy
0
 
Keith AlabasterCommented:
Can you reset the ie7 on the workstation back to defaults?
Even though it is not a member of the domain, can you open a browser to the ip address of the sbs internal nic? can't recall whether the default port should be 80 or 8080 on SBS.

Have you got another work station you could try?
0
 
Keith AlabasterCommented:
Hey Jeff.

Glad your up as its almost my bedtime :)
0
 
TrevorWhiteAuthor Commented:
Hi Keith and Jeff(will look at that stuff in mo' jeff)

IE7 connection parameters are at default al fields empty and unticked (I have tried to name the server as a proxy but still no go)
Browsed to http://192.168.16.2:80  and got Page cannot be displayed 8080 gives proxy error. I have got my laptop which is currently connected to my operatuonal SBS box but could give it a go.

Trev


0
 
TrevorWhiteAuthor Commented:
Sorry correction to my earlier post, workstation is IE6 as delivered not IE7 same otherwise.
Just connected my laptop (XP pro) disable the FW client released exsiting IP and renewed. Pinged the SBS server and all OK
Tried to connect through Http://XXXX/connectcomputer but got 'Internet explorer cannot display the web page'

Trev
0
 
TrevorWhiteAuthor Commented:
Oh bliss I can go to bed with a smile . . .
Well done Jeff the MS fix did the trick. I wonder if it sorted my pcanywhere host connection issue??
Thanks soooo much both of you. The subscription to EE is worth it each time I get a result from this board let alone the cumulative benefit.
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

  • 10
  • 9
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now