Re: ISA 2004 and Exchange 2003 Error



That would be much better.

Virgil


"Thomas" <Thomas@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:7DA7ACD2-624D-4173-B294-2B1AA4848DB8@xxxxxxxxxxxxxxxx
> Ok then
>
> I am going to rethink my plan of action....
>
> I may make my Exchange server the only active directory computer and then
> have the ISA server only for ISA.
>
> Thank you
>
> Thomas
>
> "ZVR" wrote:
>
>> ISA 2004 as opposed to ISA2000 protects all interfaces - including
>> "Internal". Therefore, when you install ISA2004 on your domain
>> controller,
>> all protocols are blocked (on the internal interface as well) and domain
>> traffic does not get through. You are basically putting a firewall
>> in-between your clients and the domain authentication services (which
>> incidentally run on the same machine but that is not relevant, the
>> concept
>> is important).
>>
>> Anyway, you should NOT run ISA on a domain controller, but I'm sure
>> you've
>> been told that already. If you insist on making it work in the present
>> config, then you need to create rules on your ISA2004 allowing access
>> from
>> "Internal" to "Localhost" ("Localhost" is a built-in network object that
>> represents the ISA2004 computer).
>>
>> Also for other things like remote management of your ISA2004 machine
>> (through TS for example), make sure that you have all the right settings
>> in
>> the System Policy. The System Policy exists on all ISA2004 machines, it
>> applies before the firewall policy (which contains all your
>> "user-defined"
>> rules), and can be edited through the special task interface in ISA2004
>> Management Console. As a rule of thumb, when you want to do something
>> that
>> involves the ISA2004 computer in some way, always check the System Policy
>> first.
>>
>> Virgil
>>
>>
>>
>>
>> "Thomas" <Thomas@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>> news:D586E3F5-50D6-4844-943C-E9675743DBBC@xxxxxxxxxxxxxxxx
>> >I am trying to install ISA 2004 on a 2003 server with SP1 and when I do
>> >so
>> > the exchange system store and MTA stacks can no longer start on the
>> > exchange
>> > server. Can someone please help.
>> >
>> > Here is a more detailed description of what my current configuration
>> > is.
>> > We
>> > have 2 physical servers both running windows server 2003 SP1. the
>> > first
>> > one
>> > is a dedicated exchange server with exchange server 2003 SP1, and the
>> > other
>> > is the gateway server running ISA 2000. the ISA server is the master
>> > domain
>> > controller, the schema master, the master browser and so on. The
>> > exchange
>> > server is a back up domain controller, with Active directory and DNS
>> > installed in it.
>> >
>> > What I am doing is I uninstall ISA 2000 from the ISA server and then go
>> > to
>> > install the ISA 2004 because I want a clean install. I am able to get
>> > the
>> > internet to work for all networked computers through the ISA server,
>> > but
>> > what
>> > is not working is the exchange services in the exchange server can no
>> > longer
>> > run.
>> >
>> > What seems to be happening to me in looking at the error logs and so on
>> > is
>> > that the exchange server can no longer see the ISA server like it
>> > used
>> > to, for example I don't think it is able to propagate the active
>> > directory
>> > correctly among other things.
>> >
>> > I am guessing that the ISA 2004 needs some ports or settings changed on
>> > it
>> > but I can not figure it out... I searched TechNet and everywhere else
>> > that
>> > I
>> > could find.
>> >
>> > please help.
>> >
>> > some of the errors I got in the event logs are
>> > ___________________________________________________________________
>> > LDAP Bind was unsuccessful on directory dc2.source.local for
>> > distinguished
>> > name ''. Directory returned error:[0x51] Server Down.
>> > ___________________________________________________________________
>> >
>> > Unexpected error The specified domain either does not exist or could
>> > not
>> > be
>> > contacted. Facility: Win32 ID no: c007054b Microsoft Exchange System
>> > Attendant occurred.
>> > ____________________________________________________________________
>> >
>> > Process INETINFO.EXE (PID=1664). Topology Discovery failed, error
>> > 0x80040a02.
>> > ___________________________________________________________________
>> >
>> > Could not open LDAP session to directory 'dc2.source.local' using local
>> > service credentials. Cannot access Address List configuration
>> > information.
>> > Make sure the server 'dc2.source.local' is running.
>> >
>> > ______________________________________________________________
>> >
>> > and I got many other errors....
>> >
>> > Please help
>> >
>> > Thank you in advance
>> >
>> >
>> >
>>
>>
>>
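
A reachability check for the situation discussed in this thread, as an added example that is not part of any poster's message: run from the Exchange server, it probes the TCP ports a domain member needs on its domain controller and separates "no answer" (what a firewall that drops the traffic typically produces) from "refused". The port list is the standard set of Active Directory TCP ports, not something taken from the thread, and the function names are hypothetical.

```python
import socket

# Assumption: standard TCP ports for domain services on a DC (not from the thread).
AD_TCP_PORTS = {53: "DNS", 88: "Kerberos", 135: "RPC endpoint mapper",
                389: "LDAP", 445: "SMB", 3268: "Global Catalog"}

def probe(host, port, timeout=2.0):
    """Return 'open', 'refused', 'filtered', 'unresolved' or 'unreachable'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.gaierror:
        return "unresolved"        # name lookup failed before any connect
    except socket.timeout:
        return "filtered"          # SYN got no answer: packet likely dropped
    except ConnectionRefusedError:
        return "refused"           # host answered, nothing listening
    except OSError:
        return "unreachable"       # routing / ICMP error

def survey(host, ports=AD_TCP_PORTS, timeout=2.0):
    """Probe every port; return {port: (service, state)}."""
    return {p: (name, probe(host, p, timeout)) for p, name in ports.items()}

def diagnose(results):
    """Summarise a survey in terms of the failure described in the thread."""
    states = {state for _, state in results.values()}
    if states == {"open"}:
        return "all domain services reachable"
    if "unresolved" in states:
        return "DC name does not resolve: check DNS first"
    blocked = sorted(p for p, (_, s) in results.items() if s != "open")
    return "not reachable: " + ", ".join(
        f"{p}/{results[p][0]} ({results[p][1]})" for p in blocked)

if __name__ == "__main__":
    # dc2.source.local is the directory server named in the posted event-log errors.
    res = survey("dc2.source.local")
    for port, (name, state) in sorted(res.items()):
        print(f"{port:>5}  {name:<20} {state}")
    print(diagnose(res))
```

If 389/LDAP comes back "filtered" while the DC itself is up, that matches the "Server Down" LDAP bind error quoted above and points at the firewall policy rather than at Exchange.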

