Re: MP stopped working on Windows 2003 DC after MS04-037 patch

From: Kevin Eddy (xpbert_at_hotmail.com)
Date: 01/27/05

• Next message: Berni: "Re: software inventory"
• Previous message: Luke Packard [MSFT]: "Re: software inventory"
• In reply to: Seeker: "Re: MP stopped working on Windows 2003 DC after MS04-037 patch"
• Messages sorted by: [ date ] [ thread ]

Date: Thu, 27 Jan 2005 10:08:03 -0500

This all makes sense, and thanks for the help - it's working now.

As for the DC recommendation, we're a mid-size company (1800 seats) with 16
sites globally. With our Enterprise Agreement and licensing changes in SMS
2003, SMS became financially viable for us with one Primary at HQ and
everything else secondary. We needed secondary sites at each physical
location, and because money was tight, we needed to look for under-utilized
servers. We have a nice hefty machine at each site for a DC, and frankly
they barely get a blip on the networking and CPU usage. A Microsoft Senior
Technology Specialist actually suggested we do it in a conference call with
our various Microsoft reps. Apparently it's becoming fairly common pratice
despite the traditional "don't do anything else on a DC" mentality.

So far, apart from this one issue, it's working out fine. Now it seems to be
fixed, thank you very much.

-- 
Kevin Eddy
"Seeker" <anonymous@discussions.microsoft.com> wrote in message 
news:u8vi%23v%23AFHA.2608@TK2MSFTNGP10.phx.gbl...
> The connection can be read between the lines, and personal experience :-)
>
> The IWAM_computer account is a local account when on a member server, but 
> becomes a domain account when IIS runs on a DC since DCs don't have a 
> local account database, hence the issue becoming manifest on a DC only if 
> the pasword stored locally gets out of synch. with the password in the 
> domain (no clue on why it would get out of synch.) . I don't know who 
> advised you to run secondaries on DCs but most MS best practices recommend 
> member servers for all SMS roles.
>
>
> "Kevin Eddy" <xpbert@hotmail.com> wrote in message 
> news:OQTRXn%23AFHA.3416@TK2MSFTNGP09.phx.gbl...
>> This may be premature, but I think this may have fixed my problem. We'll 
>> see tomorrow if it's all still working. I tried it on two problem sites, 
>> and it seems to be working so far.
>>
>> I am curious *why* it's a problem, and if I can prevent it. Why on DCs 
>> specifically? Microsoft recommended we use the DCs for secondary sites.
>>
>> The article doesn't mention SMS or DC that I can tell, how did you make 
>> the connection?
>>
>>
>> -- 
>> Kevin Eddy
>>
>>
>>
>>
>>
>> "Seeker" <anonymous@discussions.microsoft.com> wrote in message 
>> news:uVSjx48AFHA.3820@TK2MSFTNGP11.phx.gbl...
>>> Running an MP on a DC can cause password synchronization for the IWAM 
>>> account. Check out this article:
>>>
>>> PRB: Configured Identity Is Incorrect for IWAM Account
>>> http://support.microsoft.com/default.aspx?scid=kb;en-us;297989
>>>
>>>
>>> "Kevin Eddy" <xpbert@hotmail.com> wrote in message 
>>> news:eP4uYN8AFHA.3576@TK2MSFTNGP11.phx.gbl...
>>>>I have experienced the MP failures on multiple 2003 DC configured as 
>>>>secondary sites. I can't nail it down to that patch though, since it 
>>>>seems to have worked for a while with that patch on it, then 
>>>>spontaneously stopped working. I can't find any useful help on why. It's 
>>>>working fine at other sites with the same configurations.
>>>>
>>>> I have fixed it at some sites by completely deleting the site and 
>>>> removing IIS, then reinstalling IIS and the site. Doing a site repair 
>>>> hasn't helped.
>>>>
>>>> It always seems to be the "SMS Management Point Pool" getting 
>>>> "unsepcified errors", and then the pool quits and so does the MP.
>>>>
>>>> I really need an answer to this.
>>>>
>>>> I think it's a bigger problem. I may be going to Microsoft Premier 
>>>> Support on this one.
>>>>
>>>> -- 
>>>> Kevin Eddy
>>>>
>>>>
>>>>
>>>>
>>>> "KCI" <KCI@discussions.microsoft.com> wrote in message 
>>>> news:C81FD473-E0A2-4AD6-8E15-7EDDF4676108@microsoft.com...
>>>>> Wondering if anyone has seen this issue with their Windows 2003 site 
>>>>> servers.
>>>>> The only thing these MP had in common was they received the MS04-037 
>>>>> patch.
>>>>> Once they rebooted the MP no longer communicated with the main SMS 
>>>>> site
>>>>> server.
>>>>>
>>>>> I was able to resolve the issue by removing the site server as a MP - 
>>>>> then
>>>>> removing IIS from the server and re-adding IIS back.  Once I added the 
>>>>> site
>>>>> back as an MP again in SMS it seems to communicate without a problem.
>>>>>
>>>>> I guess what I am looking for is some kind of confirmation that this 
>>>>> patch
>>>>> was the actual issue or do I have a bigger problem that I am not aware 
>>>>> of.
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>
> 

• Next message: Berni: "Re: software inventory"
• Previous message: Luke Packard [MSFT]: "Re: software inventory"
• In reply to: Seeker: "Re: MP stopped working on Windows 2003 DC after MS04-037 patch"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint