Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 356
  • Last Modified:

primary domain controler no comming up on network

windows 2003 server, primary domain controler
 - boots into safemode, i can access from the network and pings

during normal bootup, i get a ping reply, then all of a sudden stops

also running DNS & DHCP
 - can't see anything major in the logs that is stopping anything from running

hardware replaced still same issue, not a hardware pbolem.
0
funnymanmike
Asked:
funnymanmike
1 Solution
 
rharland2009Commented:
Are you running AV or other security SW on this DC?
What are some other processes/apps that run at full startup and don't run in safe mode?
Start there.
I'm assuming the NIC shows as connected when the DC is running. Are there any services that should be running that aren't?
Has anything changed on this DC recently? Did it previously boot normally with success?

0
 
MildlyDisturbedCommented:
I had the same thing happen once - replaced the NIC with another one the exact same, no dice.  Added a second nic and all of the sudden everything started working.  It's not a *good* solution, but it did work for me, and then I was able to remove said nic and everything worked.

I think the server rebuilt some database when I added a secondary...
0
 
funnymanmikeAuthor Commented:
found the issue, here are notes

Automatic updates accidnetly clears IPSec policy, forcing network lockout of machine

Event Type:      Error
Event Source:      IPSec
Event Category:      None
Event ID:      4292
Date:            1/5/2010
Time:            12:12:07 PM
User:            N/A
Computer:      VSNJPDC01
Description:
The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. User Action: To restore full unsecured TCP/IP connectivity, disable the IPSec services, and then restart the computer.  For detailed troubleshooting information, review the events in the Security event log.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 00 00 00 00 01 00 54 00   ......T.
0008: 00 00 00 00 c4 10 00 c0   ....Ä..À
0010: 01 00 00 00 00 00 00 00   ........
0018: 00 00 00 00 00 00 00 00   ........
0020: 00 00 00 00 00 00 00 00   ........


On affected system backup (export) the following key

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft]

Export the following registry from a working system that resembles the affected system

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\IPSec


Import the IPSec key to the affected system

Delete all subkey's of

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\IPSec\Policy\Local

Reboot system


0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now