http://support.microsoft.com/kb/898060
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Kurt Falde > Sent: Saturday, July 29, 2006 5:19 PM > To: ActiveDir@mail.activedir.org > Subject: Re: [ActiveDir] R2 In-Place Upgrade bug ? > > I would definitely get the tcpip.sys hotfixes applied as this > sounds very symptomatic of ms05-019 issues. > > Kurt Falde > Sent from my Windows Mobile Phone > > > -----Original Message----- > From: "HBooGz"<[EMAIL PROTECTED]> > Sent: 7/29/06 10:58:58 AM > To: "ActiveDir@mail.activedir.org"<ActiveDir@mail.activedir.org> > Subject: Re: [ActiveDir] R2 In-Place Upgrade bug ? > > I applied no post sp-1 fixes, but i would imagine it's worth a try. > > do you guys want to hear something even more mind-boggling ? > > i can ping the server from workstations outside the main office!!! > > i've remotely connected to workstations at our IPSEC vpns to > test login times and email access,a nd pinged the problematic > server just fine!!! > > arghhh > > Matheesha: > > Incoming connections i mean services that somehow are not > defined to the server. I run a repadmin /replsum from another > dc and it shows no errors. i run a dcdiag /s:problemserver > with no problem. so it means that directory service traffic > is allowed, but when i try to Dameware ( tcp port 6129) to > the machine it times out, when i try to the ping the box i > get nothing from the main office! > > i checked the IPSEC domain and Standard profile and made sure > no IPSEC polocies were applied. > > if it's the SCW -- how do i look at it ? > > could it someway be my checkpoint firewall at the local site > ? how in the world can it accept icmp from other workstations > ( win2k pro) at my remote vpn sites ? > > > > > > On 7/29/06, Kurt Falde <[EMAIL PROTECTED]> wrote: > > > > Did you apply the post SP1 security hotfixes? I know there are a > > couple of updates for tcpip.sys which fix issues which will > cause AD > > repl issues from a couple times in the field. Check out > > http://support.microsoft.com/kb/898060 or for the latest tcpip.sys > > http://www.microsoft.com/technet/security/bulletin/MS06-007.mspx . > > > > > > > > *Kurt Falde* > > ------------------------------ > > > > *From:* [EMAIL PROTECTED] [mailto: > > [EMAIL PROTECTED] *On Behalf Of *HBooGz > > *Sent:* Saturday, July 29, 2006 5:39 AM > > *To:* ActiveDir@mail.activedir.org > > *Subject:* [ActiveDir] R2 In-Place Upgrade bug ? > > > > > > > > Morning to all - > > > > I just spent the last 6 hours with dell gold software support team > > trying to figure out the following occurrence: > > > > The upgraded R2 DC does not accept incoming connections, but it > > appears it accepts certain connections. Particularly those > related to > > directory services. e.g. telnet *server ip* 389 from the > mail server > > works. \\*serverip or servername *brings up the shared > printers and folders perfectly. > > > > outbound traffic and icmp works fine, inbound icmp returns > a time out. > > > > scenario: > > > > Windows 2000 SP4 DC in-place upgrade to windows 2003 SP1 > then upgrade > > to R2. > > connections to and from box were fine on 2003 sp1. > > downgraded NIC drivers to match other r2 DC on identical server > > hardware/model installed new nic drivers and proset upgraded to R2. > > rebooted and noticed a ton of errors with services hanging > upon boot. > > checked connection to the box from workstations and > servers, but all > > requests timed out. > > i made sure ICF was disabled. > > i disabled IPSEC and entered dword value for ProhibitIpSec > - nothing i > > then enabled ICF configured exceptions - explicitly > allowing ICMP, and > > still nothing. > > reset the TCP/ip stack and winsock using netsh, nothing servers has > > two nics, one of which is disabled. changed binding order > so active is > > on top -- nothing reinstalled the binaries of windows 2003 sp1 and > > upgraded to r2 again -- nothing. > > > > i'm at a lost of ideas and sure could use to vast resources the > > contributors of this group may have or know of. > > > > Thanks, > > > > > > > > > > > > -- > > HBooGz:\> > > > > > > -- > HBooGz:\> > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx