Chris, It's not just you -- we have the exact same versions and sure enough, I just reproduced the problem. Removing the patch right now...
Thanks for the heads up! Juan Ingles On Fri, Apr 15, 2011 at 1:30 PM, strauss <[email protected]> wrote: > Excellent. I'm going to bet that my particular problem may be influenced by > the fact that all of these servers are on a public network and have firewalls > running. ALL of them. This patch probably blocks a port that I don't have > open except between domain controllers within the subnet - just a suspicion, > since several sites have reported no problem with the patch, and I remember > how much work it took to get AD replication working through the firewalls > years ago. It even blocks remote desktop or terminal server connections, > after most remote server reboots. This has been passed up to our premier > support rep at Microsoft, so I may get an answer at some point telling me > what ports to open after applying it. > > Christopher Strauss, Ph.D. > Call Tracking Administration Manager > University of North Texas Computing & IT Center > http://itsm.unt.edu/ > > -----Original Message----- > From: Action Request System discussion list(ARSList) > [mailto:[email protected]] On Behalf Of Andrew C Goodall > Sent: Friday, April 15, 2011 10:58 AM > To: [email protected] > Subject: Re: WARNING on Microsoft MS11-030 KB2509553 > > Thanks for the heads up - we just verified and that patch did not affect > our test ar servers from communicating with our remote sql db clusters. > > ARS 7.5 patch 4 > SQL 2005 > > Regards, > > Andrew Goodall > Software Engineer 2 | Development Services | jcpenney . www.jcp.com > > -----Original Message----- > From: Action Request System discussion list(ARSList) > [mailto:[email protected]] On Behalf Of strauss > Sent: Thursday, April 14, 2011 10:49 AM > To: [email protected] > Subject: WARNING on Microsoft MS11-030 KB2509553 > > After applying this patch to my Reference Server for the 7.6.04 upgrade: > Windows 2003 R2 x64 with ARS 7.1.00.003 CMDB 2.1.00.02 and ITSM > 7.0.03.009 etc., SQL Server 2005 on remote server), the AR Service > immediately and absolutely refuses to start. On reboot from the > security patches (there were 15 total) the AR Server would not start > automatically, and all subsequent attempts to start it manually saw the > armonitor start, then crash. While troubleshooting with BMC support, it > could not even be started from the command line. > > Removing the KB2509553 security update and rebooting solved the problem > immediately, with the ARS service starting normally. The only other AR > server that I had applied this patch (and all of the others) to was the > Staging Server (Windows 2003 R2 x64 with ARS 7.6.04 CMDB 2.1.00.02 and > ITSM 7.0.03.009 etc.), and it has a local SQL Server hosting the db so > it was not affected. Note that on the problem AR Server, it was still > possible to run the SQL Server Management Studio client (2008) and > connect to the remote db normally, even though the ARS service could > not. > > Security Bulletin MS11-030 KB2509553 is a Critical patch for a > vulnerability in DNS resolution that could allow remote code execution; > it slammed the door shut on something that ARS depends on. Until BMC > comes up with a solution for this, I will not be applying this patch to > any other AR Server, especially my 7.1 production system with a remote > db. > > Christopher Strauss, Ph.D. > Call Tracking Administration Manager > University of North Texas Computing & IT Center > http://itsm.unt.edu/ > > ________________________________________________________________________ > _______ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org > attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are" > The information transmitted is intended only for the person or entity to > which it is addressed and may contain confidential and/or privileged > material. If the reader of this message is not the intended recipient, > you are hereby notified that your access is unauthorized, and any review, > dissemination, distribution or copying of this message including any > attachments is strictly prohibited. If you are not the intended > recipient, please contact the sender and delete the material from any > computer. > > _______________________________________________________________________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org > attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are" > > _______________________________________________________________________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org > attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are" > _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug11 www.wwrug.com ARSList: "Where the Answers Are"
