• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

ISA 2004 installation not working

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Installation >> ISA 2004 installation not working Page: [1]
Login
Message << Older Topic   Newer Topic >>
ISA 2004 installation not working - 6.Nov.2006 8:20:36 PM   
chamann

 

Posts: 12
Joined: 3.May2006
From: New Zealand
Status: offline
Hi,

I installed ISA 2004 on a Windows 2003 SP1 server. Now logging on the server takes 5+ mins and I get the errors below in the Application/Systems logs.

The strange thing is that I have a identical machine that's running ISA 2004 for 6+ months without problems (the new one should replace the old one)

Installation details:

Windows 2003 SP1, all official security/critical hotfixes (installed over windowsupdates), ISA 2004, ISA 2004 SP2.

Installation:

Installed Windows 2003 SP1, updated the machines over windows updates, joined the machine to the domain, tests with dcdiag and netdiag are fine.

Installed ISA 2004, reboot, logon takes 5+ mins and I get the errors below. I tried to install ISA 2004 SP2 but I still get the same errors.

Dcdiag and netdiag are still fine, no errors reported.

Any suggestions?

Cheers,
Christoph


Event Type:    Error
Event Source:    Userenv
Event Category:    None
Event ID:    1097
Date:        6/11/2006
Time:        3:10:50 p.m.
User:        NT AUTHORITY\SYSTEM
Computer:    PRODISA03
Description:
Windows cannot find the machine account, No authority could be contacted for authentication. .

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:    Error
Event Source:    Userenv
Event Category:    None
Event ID:    1030
Date:        6/11/2006
Time:        3:10:50 p.m.
User:        NT AUTHORITY\SYSTEM
Computer:    PRODISA03
Description:
Windows cannot query for the list of Group Policy objects. Check the event log for possible messages previously logged by the policy engine that describes the reason for this.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:    Error
Event Source:    NETLOGON
Event Category:    None
Event ID:    5783
Date:        6/11/2006
Time:        3:10:49 p.m.
User:        N/A
Computer:    PRODISA03
Description:
The session setup to the Windows NT or Windows 2000 Domain Controller \\PRODDC01.prod.local for the domain PROD is not responsive.  The current RPC call from Netlogon on \\PRODISA03 to \\PRODDC01.prod.local has been cancelled.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


Event Type:    Error
Event Source:    NETLOGON
Event Category:    None
Event ID:    5719
Date:        6/11/2006
Time:        3:10:50 p.m.
User:        N/A
Computer:    PRODISA03
Description:
This computer was not able to set up a secure session with a domain controller in domain PROD due to the following:
The remote procedure call was cancelled.  
This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator.  

ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 50 00 02 c0               P..    

Event Type:    Error
Event Source:    Kerberos
Event Category:    None
Event ID:    7
Date:        6/11/2006
Time:        3:10:50 p.m.
User:        N/A
Computer:    PRODISA03
Description:
The kerberos subsystem encountered a PAC verification failure.  This indicates that the PAC from the client PRODISA03$ in realm PROD.LOCAL had a PAC which failed to verify or was modified.  Contact your system administrator.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 5e 00 00 c0               ^..    
Post #: 1
RE: ISA 2004 installation not working - 7.Nov.2006 3:24:59 PM   
Boedus

 

Posts: 195
Joined: 8.Sep.2006
Status: offline
Have you setup your ISA for Domain communications (LDAP/Kerberos...) ?
Does not looks like.

Once ISA is installed everything is locked down, no traffic at all.

The normal Windows communications are already defined in the firewall settings, they are hidden per default, you can access them by using Firewall Policy > Quick panel, Task tab then Edit system policy rules. Make sure you ISA server is set  up properly in the network settings.

< Message edited by Boedus -- 7.Nov.2006 3:38:00 PM >

(in reply to chamann)
Post #: 2
RE: ISA 2004 installation not working - 7.Nov.2006 7:28:06 PM   
chamann

 

Posts: 12
Joined: 3.May2006
From: New Zealand
Status: offline
Hi,

just double checked it - the system policy allows access to the internal network for all domain related stuff. The strange thing is that dcdiag and netdiag are working without reporting any errors....

Cheers,
Christoph

(in reply to Boedus)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Installation >> ISA 2004 installation not working Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts