• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5286
  • Last Modified:

SBS 2008 Console Querying Security Status

I have a Windows SBS 2008 server that for some reason will not get the security status. It just gets stuck on querying. I have uninstalled and reinstalled the SBS Concole to no avail. Any ideas?
0
ryanva
Asked:
ryanva
  • 7
  • 4
  • 3
  • +1
1 Solution
 
ryanvaAuthor Commented:
I don't know if this applies to my situation. The computer status and update status do in fact show correctly, it is only the security status that keeps querying. We are using Symantec Endpoint Protection 11.0.4 and all clients are Windows Vista.
0
 
ryanvaAuthor Commented:
Here are a couple of screenshots of the console
console-home.png
Console.png
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
farazhkhanCommented:
Hi,

The most probable cause could be Symantec Endpoint Protection, which is not completing querying on server as well as client status is 'Checking'....To make sure if this is the cause of problem, disable Symantec Endpoint Protection services temporary and then recheck the status.

Regards,
Faraz H. Khan
0
 
ryanvaAuthor Commented:
It's not Symantec I have disabled it already and have another customer with an identical software configuration and they do not have this problem.
0
 
farazhkhanCommented:
Hi,

Ok, Check event log and let us know if you find any specific error there?

Regards,
Faraz H. Khan
0
 
ryanvaAuthor Commented:
Getting this error not at the time of the query but maybe this has something to do with the issue.

Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          1/7/2010 5:00:03 PM
Event ID:      10009
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      SBS.mydomain.local
Description:
DCOM was unable to communicate with the computer 192.168.10.117 using any of the configured protocols.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
    <EventID Qualifiers="49152">10009</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2010-01-08T01:00:03.000Z" />
    <EventRecordID>262310</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>SBS.mydomain.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">192.168.10.117</Data>
  </EventData>
</Event>
0
 
ryanvaAuthor Commented:
Also getting this one. It looks like these events are occuring from multiple computers all at different times.

Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          1/7/2010 4:57:23 PM
Event ID:      10006
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      SBS.mydomain.local
Description:
DCOM got error "2147943515" from the computer 192.168.10.117 when attempting to activate the server:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
    <EventID Qualifiers="49152">10006</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2010-01-08T00:57:23.000Z" />
    <EventRecordID>262309</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>System</Channel>
    <Computer>SBS.mydomain.local</Computer>
    <Security />
  </System>
  <EventData>
    <Data Name="param1">2147943515</Data>
    <Data Name="param2">192.168.10.117</Data>
    <Data Name="param3">{8BC3F05E-D86B-11D0-A075-00C04FB68820}</Data>
  </EventData>
</Event>
0
 
hshaoCommented:
The client firewall needs to be confiured. Please refer to either of the articles below for more info:

"Known post installation event errors in SBS 2008 (and how to resolve them)"
http://blogs.technet.com/sbs/archive/2008/08/26/known-post-installation-event-errors-in-sbs-2008-and-how-to-resolve-them.aspx

"Windows SBS 2008 Known Post Installation Event Errors"
http://support.microsoft.com/kb/957713

Hope this helps!
0
 
farazhkhanCommented:
Hi,

Run Microsoft update and get all latest updates from Microsoft online site.

For the first event check this for several causes and their solutions: http://www.eventid.net/display.asp?eventid=10009&eventno=579&source=dcom&phase=1

For second: http://www.eventid.net/display.asp?eventid=10006&eventno=272&source=DCOM&phase=1

Regards,
Faraz H. Khan
0
 
ryanvaAuthor Commented:
I opened had to reconfigure the Symantec Endpoint Protection firewall to "Allow Local File Sharing" and "Allow Remote Administration". As soon as this firewall change passed downstream everything started working. I am still having a problem with the console as it takes a very long time to it to query the security information it works now but takes a very long time. Is there any way to make it get the information faster?
0
 
hshaoCommented:
WMI is used to query the status but there is no method to control it.

How long exactly does it take to display the information?
0
 
ryanvaAuthor Commented:
At the Console home page it never stops querying. However when you go to the computer page it will show the correct computer security status after a few minutes, which seems like a very long time. It does not take this long on other servers that I have running very similar configurations.
0
 
hshaoCommented:
0
 
thecomputerplaceCommented:
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 7
  • 4
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now