[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

WIndows 2008 Server Problem  - KB949014 and KB951746

Posted on 2009-02-10
8
Medium Priority
?
1,026 Views
Last Modified: 2012-08-13
This is a follow-up to:
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q_24108699.html


If you would take a look at that question.   But here is the scoop:
Rebuilt Windows 2008 Server...full software reload.  All software updates applied.
Made it a DC.  No problems.  Window update wanted to install KB949014 and KB951746. Just like in the previous question.

After the install and booting the DC.  Problem re-occured.....could not ping server, could not view any network shares, could not demote from being a DC.  RPC Service Unavailalbe.

This problem is directly related to KB949014 and KB951746.   Removed them and the problem continues.  These software "fixes" (using that term lightly) fixed my server so that now it will not work.  Runs fine locally, but cannot access from remote desktop or any ot its network shares or ping.

Any one have any ideas what got fixed by these so-called fixes, so that I can un-fix it, without having to do a full software reload again.

Please advise.  Thanks.
0
Comment
Question by:rstuemke
  • 4
  • 4
8 Comments
 
LVL 58

Expert Comment

by:tigermatt
ID: 23634325

If it definitely was those updates which caused the problem, then I would give Microsoft a call. Tell them the problems have occurred on two separate installations when those updates are applied. If updates are causing an issue, they should look into the matter free of charge.

-Matt
0
 

Author Comment

by:rstuemke
ID: 24078529
UPDATE - PLEASE READ TO THE END.....  THANK YOU!!!  This is a step by step scenario of the problem.
The real problem  has been identifie in STEPS 16 and 17.  

Hello,

I have reasonably new Dell 2900 Server that I am preparing for production.  Have gone thru this scenario 4 times, with the same disasterous results.

Here is the scenario overview:

1) Do full disk initialize and software reload.  (Works fine, no problems)

2) Run basic configuration and customization, apply all software updates. (Works fine, no problems)

3) Begin using remote desktop control software (DameWare).    (Works fine, no problems)

4) Server functioning as file server, printer server and web server.  (Works fine, no problems)

5) Install local applications and files and set up network shares. (Works fine, no problems)

6) Promote server to Domain Controller.  (Works fine, no problems).

7) Make the DC a DNS Server.  (Works fine, no problems)

8) Restarts with no problems.  Everything works after the restart.  So far so good.

Up thru this step it has worked fine every time.  No problems, no complaints.  Applications working, network shares visible and accessible.    Everything working correctly.  A NET VIEW <server name> shows all shares.  Can ping the IP.  Remote desktop control software works fine.

9) Applied all Windows updates that now are applicable, since it is a domain controller.  There updates were
    not available prior to promotion to server as a domain controller.  Updates install without problems.  Restart required.

10) This is where everything goes to hell in a handbasket......  here is a list of what quits working:
      a) Cannot PING the IP of the DC from anywhere.  Times out.
      b) Remote desktop software no longer will work.  Will not connect.
      c) NET VIEW <server name>


11) Next, tried it on another server which was also being prepped.  Ran thru the exact same scenario and it quit working
    at the exact same point.  So it is not related to any particular hardware.  

12) Researched problem on the internet.  Found some others with similar problems but no real answers.

13) Repeated steps 1 thru 10 again on the original server.  Same results in step 10.  
    However, took note which updates were applied during step 9.

14) Again, researched the internet and checked several technical forums for any problems related to the installed
    updates.  The updates that seemed to be causing the problem were KB949014 and/or KB951746.  Found some
    similar problems with these, which seemed to be related to what user (authority) that certain system services were
    running under.

15) Ran a procedure found at:
 http://social.microsoft.com/Forums/en-US/winservergen/thread/0468ea14-ba7b-4795-ab39-bfbde6a9017
      Had to do with RPC Service starting.  Did see some RPC errors in Event log, when I tried to demote the crippled
      DC to a server, showing RPC Server Unavailable.
      So thougth it may be the culprit.  Never could do a clean demote after the update problems.

16) Perform steps 1 thru 9 again on the original server.  This time, when applying updates, but not performing
    Step 7.  Did NOT make it a DNS Server.  Applied all updates and rebooted.  NO PROBLEMS.

17) Next made it a DNS Server.  Did NOT apply any updates.  Just added this role.  Server continued to function,
    UNTIL it was restarted.  After the boot, it behaved the same way.   SO, MAKING IT A DNS SERVER AND
    REBOOTING DOES SOMETHING SO THAT IT QUITS WORKING.

18) Disabled the Windows Firewall, just in case that may be the problem, but did not fix the problem.  

I am hoping someone can help me.  Please advise.  Thanks.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24101170

I will reiterate what I mentioned before. Based on your (very detailed, good work!) analysis of the problem, the updates seem to be the root factor which is causing this issue. Microsoft are the people to help you on that front; the fault with the updates should be reported to them anyway, and Microsoft Support will troubleshoot the issue with you free-of-charge if it is indeed a fault with the Microsoft patches.

-Matt
0
Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

 

Author Comment

by:rstuemke
ID: 24101315
I hate to contact MS.  It it such a pain.......
Let me ask one more question....What do you think of the Win 2008 Server Firewall Advanced Security?
Could it be blocked there.  It almost seems like a firewall problem???
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 1500 total points
ID: 24101944

I personally disable Server 2008 Advanced Firewall on all my servers; it's too much hassle. There is the potential that it could be being blocked by a mis-configured firewall, so attempt to disable that and then re-test.

-Matt
0
 

Author Comment

by:rstuemke
ID: 24103058
UPDATE.

I did that also and everythng started working!!  On 2 servers that were DC/DNS machines.  Have another server that is Exchange 2007 and DNS and it is working ok with firewall activated.
Strange.   I have it disabled on all my Win 2003 Servers DC/DNS machines also.  Had hoped to use it, but looks like it is a bust.
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 24105665

What rules do you have set in Inbound Rules? Is there anything disabled, such as DNS, LDAP, Active Directory Domain Services (AD DS), NetBIOS etc.?

-Matt
0
 

Author Closing Comment

by:rstuemke
ID: 31545269
Forgot to close this and award points.  Thanks for the confirmation.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
A procedure for exporting installed hotfix details of remote computers using powershell
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question