primary domain controler no comming up on network

Posted on 2010-01-05
Last Modified: 2012-05-08
windows 2003 server, primary domain controler
 - boots into safemode, i can access from the network and pings

during normal bootup, i get a ping reply, then all of a sudden stops

also running DNS & DHCP
 - can't see anything major in the logs that is stopping anything from running

hardware replaced still same issue, not a hardware pbolem.
Question by:funnymanmike
    LVL 11

    Expert Comment

    Are you running AV or other security SW on this DC?
    What are some other processes/apps that run at full startup and don't run in safe mode?
    Start there.
    I'm assuming the NIC shows as connected when the DC is running. Are there any services that should be running that aren't?
    Has anything changed on this DC recently? Did it previously boot normally with success?

    LVL 1

    Expert Comment

    I had the same thing happen once - replaced the NIC with another one the exact same, no dice.  Added a second nic and all of the sudden everything started working.  It's not a *good* solution, but it did work for me, and then I was able to remove said nic and everything worked.

    I think the server rebuilt some database when I added a secondary...
    LVL 5

    Accepted Solution

    found the issue, here are notes

    Automatic updates accidnetly clears IPSec policy, forcing network lockout of machine

    Event Type:      Error
    Event Source:      IPSec
    Event Category:      None
    Event ID:      4292
    Date:            1/5/2010
    Time:            12:12:07 PM
    User:            N/A
    Computer:      VSNJPDC01
    The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions. User Action: To restore full unsecured TCP/IP connectivity, disable the IPSec services, and then restart the computer.  For detailed troubleshooting information, review the events in the Security event log.

    For more information, see Help and Support Center at
    0000: 00 00 00 00 01 00 54 00   ......T.
    0008: 00 00 00 00 c4 10 00 c0   ....Ä..À
    0010: 01 00 00 00 00 00 00 00   ........
    0018: 00 00 00 00 00 00 00 00   ........
    0020: 00 00 00 00 00 00 00 00   ........

    On affected system backup (export) the following key


    Export the following registry from a working system that resembles the affected system


    Import the IPSec key to the affected system

    Delete all subkey's of


    Reboot system


    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Join & Write a Comment

    One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
    There have been a lot of times when we have seen the need to enter a large number of DNS entries in a forward lookup zone. The standard procedure would be to launch the DNS Manager console, create the Zone and start adding new hosts using the New…
    how to add IIS SMTP to handle application/Scanner relays into office 365.
    Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

    733 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    20 Experts available now in Live!

    Get 1:1 Help Now