Re: RIS Server 2003 SP1 and XPSP2 issues
- From: "TIMM" <TIMM@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 29 Nov 2005 01:29:09 -0800
SP1 introduced additonal RPC and SAMR security and during the upgrade SP1
adds new entries to NULL Session Pipes. However if you set the " Network
access: Named Pipes that can be accessed anonymously" Group policy then the
updates that SP1 will be over written and thus the workstation will not have
the ability to access SAMR in order to confirm a workstation account exists
in AD.
To fix this problem, set the following registry key
"HKEY_LOCAL_MACHINE\SYSTEM\ControlSet\Services\lanmanserver\parameters\NullSessionPipes" and or Group Policy should include the following entries.
COMNAP
COMNODE
SQL\QUERY
SPOOLSS
LLSRPC
EPMAPPER
LOCATOR
TrkWks
TrkSvr
Browser
Netlogon
LSArpc
samr
Please let me know if this resolves your problem
Good luck!
Tim
"TIMM" wrote:
> Not yet. I rolled SP1 back.
>
> Tim
>
> "gherkin" wrote:
>
> > Did anyone find the solution?
> >
> > Thanks
> >
> > "TIMM" wrote:
> >
> > > I am having exactly the same problem and was wondering if you ever found a
> > > solution.
> > >
> > > "pbirkle" wrote:
> > >
> > > > Nick,
> > > >
> > > > I can get the machines to join the domain if I put in the following under
> > > > the Identifcation section in
> > > > risprep.sif
> > > >
> > > > DomainAdmin = accountname
> > > > DomainAdminPassword = a domain password with permissions to add machines to
> > > > domain
> > > > JoinDomain = our domain name
> > > >
> > > > I I don't put in a username and password and just try DoOldStyleDomainJoin =
> > > > Yes
> > > > the machines won't join the domain after they have been RIS imaged.
> > > >
> > > > Peter
> > > >
> > > > "Nick Payne" wrote:
> > > >
> > > > > Maybe the GUID recognition has changed with the SP. We found that to be a
> > > > > problem when upgrading our RIS servers from Win2000 to Win2003. Any
> > > > > workstation built from a 2000 server that we rebuilt after the server had
> > > > > been upgraded to 2003 acquired a new workstation name rather than reusing
> > > > > the existing name.
> > > > >
> > > > > Having said that, our RIS image is WinXP SP2 for Dell
> > > > > GX150/240/260/270/280/620, and we found no change at all when we upgraded
> > > > > the servers from Win2003 to Win2003 SP1. We don't do anything with the GUID
> > > > > pre-installation though.
> > > > >
> > > > > Nick
> > > > >
> > > > > "pbirkle" <pbirkle@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> > > > > news:854A7AB0-EE5A-4AA6-B368-B54D480AD409@xxxxxxxxxxxxxxxx
> > > > > >I have been using RIS 2003 on Server 2003 without SP1 to deploy XPSP2
> > > > > >images
> > > > > > for DELL Optiplex GX 280's for 2 months with no issues and its been
> > > > > > working
> > > > > > fine until we put SP1 on our 3 Domain Controllers running Server 2003.
> > > > > >
> > > > > > We are using PXE Boot from the DELL Optiplex GX 280 and this works fine we
> > > > > > get a DHCP address no problems we get Network Boot and see the RIS Menu
> > > > > > this
> > > > > > all works fine.
> > > > > >
> > > > > > I select a RIS Image which I know worked and away it goes imaging the
> > > > > > machine.
> > > > > > Now when the machine is finished imaging and does its reboot it tries to
> > > > > > join our AD
> > > > > > domain and seems to struggle joining. Then after about 1 minute the
> > > > > > machine
> > > > > > then finishes the rest of its network setup and reboots.
> > > > > >
> > > > > > Now when I go to logon to the domain the machine hasn't joined the AD
> > > > > > domain
> > > > > > its only allowing us to log in locally.
> > > > > >
> > > > > > Its only happened since we installed SP1 on 2003 on our DC's.
> > > > > >
> > > > > > Now the part that is supposed to join our machines to the domain us under
> > > > > > Identifcation section in the risprep.sif
> > > > > >
> > > > > > I currently have this JoinDomain = %MACHINEDOMAIN%
> > > > > > DoOldStyleDomainJoin = Yes
> > > > > > I have also tried using JoinDomain = ad.uow.edu.au our AD DNS name but
> > > > > > nothing works.
> > > > > >
> > > > > > Wer also pre-stage our machines into AD with the GUID number and so the
> > > > > > machine names are already in AD and this has worked fine. If anyone has
> > > > > > any
> > > > > > idea's I wouold very much appreciate your hely because I have several
> > > > > > hundred
> > > > > > machines to rollout in the next few months.
> > > > > >
> > > > > > Peter Birkle
> > > > > >
> > > > > > Here is my risprep.sif file
> > > > > >
> > > > > > ITS RIS Answer file version # 1.1
> > > > > > [data]
> > > > > > AutoPartition=1
> > > > > > floppyless = "1"
> > > > > > msdosinitiated = "1"
> > > > > > OriSrc = "\\%SERVERNAME%\RemInst\%INSTALLPATH%\%MACHINETYPE%"
> > > > > > OriTyp = "4"
> > > > > > LocalSourceOnCD = 1
> > > > > >
> > > > > >
> > > > > > [SetupData]
> > > > > > OsLoadOptions = "/noguiboot /fastdetect"
> > > > > > SetupSourceDevice
> > > > > > ="\Device\LanmanRedirector\%SERVERNAME%\RemInst\%INSTALLPATH%"
> > > > > > SysPrepDevice="\Device\LanmanRedirector\%SERVERNAME%\RemInst\%SYSPREPPATH%"
> > > > > > SysPrepDriversDevice="\Device\LanmanRedirector\%SERVERNAME%\RemInst\%SYSPREPDRIVERS%"
> > > > > >
> > > > > > [Unattended]
> > > > > > UnattendMode=FullUnattended
> > > > > > OemSkipEula = yes
> > > > > > OemPreinstall = yes
> > > > > > TargetPath = \WINDOWS
> > > > > > OemPnpDriversPath =
> > > > > > \Drivers\Chipset;\Drivers\Network\;\Drivers\Video;\Drivers\Audio
> > > > > > DriverSigningPolicy = ignore
> > > > > > FileSystem = LeaveAlone
> > > > > > ExtendOEMPartition = 0
> > > > > > InstallFilesPath = "\\%SERVERNAME%\RemInst\%INSTALLPATH%\%MACHINETYPE%"
> > > > > > LegacyNIC = 1
> > > > > >
> > > > > > [GuiUnattended]
> > > > > > AdminPassword=password
> > > > > > EncryptedAdminPassword=No
> > > > > > OEMSkipRegional=1
> > > > > > TimeZone=255
> > > > > > OemSkipWelcome=1
> > > > > >
> > > > > > [GuiRunOnce]
> > > > > > "%systemdrive%\tsm5203.bat"
> > > > > > "%systemdrive%\mcafee8.bat"
> > > > > > "%systemdrive%\scanrout.bat"
> > > > > >
> > > > > > [Shell]
> > > > > > DefaultStartPanelOff = Yes
> > > > > > DefaultThemesOff = Yes
> > > > > >
> > > > > > [OEM_Ads]
> > > > > > background = WindowsXP.jpg
> > > > > >
> > > > > > [UserData]
> > > > > > FullName = "University of Wollongong"
> > > > > > OrgName = "University of Wollongong"
> > > > > > ComputerName ="%MACHINENAME%"
> > > > > > ProductID = "D96VM-3YTHM-V4RX3-DTDPW-47WXD"
> > > > > >
> > > > > > [Display]
> > > > > > BitsPerPel = 32
> > > > > > XResolution = 1024
> > > > > > YResolution = 768
> > > > > > VRefresh = 60
> > > > > >
> > > > > > [TapiLocation]
> > > > > > CountryCode=61
> > > > > >
> > > > > > [RegionalSettings]
> > > > > > LanguageGroup=1
> > > > > > SystemLocale=00000c09
> > > > > > UserLocale=00000c09
> > > > > > InputLocale=0c09:00000409
> > > > > >
> > > > > > [Branding]
> > > > > > BrandIEUsingUnattended=Yes
> > > > > >
> > > > > > [URL]
> > > > > > Home_Page=http://www.uow.edu.au
> > > > > > Help_Page=http://www.uow.edu.au/its
> > > > > > AutoConfig=1
> > > > > > AutoConfigURL=http://www.uow.edu.au/autoproxy.pac
> > > > > >
> > > > > >
> > > > > > [Identification]
> > > > > > JoinDomain = %MACHINEDOMAIN%
> > > > > > DoOldStyleDomainJoin = Yes
> > > > > >
> > > > > > [Networking]
> > > > > >
> > > > > > InstallDefaultComponents=No
> > > > > > ProcessPageSections=Yes
> > > > > >
> > > > > > [NetAdapters]
> > > > > > Adapter1=params.Adapter1
> > > > > >
> > > > > > [params.Adapter1]
> > > > > > INFID=*
> > > > > >
> > > > > > [NetClients]
> > > > > > MS_MSClient=params.MS_MSClient
> > > > > >
> > > > > > [NetServices]
> > > > > > MS_SERVER=params.MS_SERVER
> > > > > >
> > > > > > [NetProtocols]
> > > > > > MS_TCPIP=params.MS_TCPIP
> > > > > >
> > > > > > [params.MS_TCPIP]
> > > > > > DNS=Yes
> > > > > > UseDomainNameDevolution=No
> > > > > > EnableLMHosts=No
> > > > > > AdapterSections=params.MS_TCPIP.Adapter1
> > > > > > DNSSuffixSearchOrder=ad.uow.edu.au,its.uow.edu.au,uow.edu.au
> > > > > >
> > > > > > [params.MS_TCPIP.Adapter1]
> > > > > > SpecificTo=Adapter1
> > > > > > DHCP=Yes
> > > > > > DNSServerSearchOrder=172.20.3.31,130.130.68.1
> > > > > > WINS=Yes
> > > > > > WinsServerList=172.20.3.31,172.20.3.4
> > > > > > NetBIOSOptions=1
> > > > > > DNSDomain=ad.uow.edu.au
> > > > > >
> > > > > >
> > > > > > [RemoteInstall]
> > > > > > Repartition = Yes
> > > > > > UseWholeDisk = Yes
> > > > > >
> > > > > >
> > > > > > [OSChooser]
> > > > > > Description ="DELL GX 280 RIS Test Image Only !!!!"
> > > > > > Help ="Don't use this Image Test Only"
> > > > > > LaunchFile ="%INSTALLPATH%\%MACHINETYPE%\templates\startrom.com"
> > > > > > ImageType =SYSPREP
> > > > > > Version="5.1 (2600)"
> > > > > > SysPrepSystemRoot="Mirror1\UserData\WINDOWS"
> > > > > > HalName=halmacpi.dll
> > > > > > ProductType=0
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > >
.
- Follow-Ups:
- Re: RIS Server 2003 SP1 and XPSP2 issues
- From: gherkin
- Re: RIS Server 2003 SP1 and XPSP2 issues
- References:
- Re: RIS Server 2003 SP1 and XPSP2 issues
- From: gherkin
- Re: RIS Server 2003 SP1 and XPSP2 issues
- From: TIMM
- Re: RIS Server 2003 SP1 and XPSP2 issues
- Prev by Date: Re: to execute win32 applications on 'Windows PE '
- Next by Date: Re: RIS built Machines won't join the domain after upgrading to W2
- Previous by thread: Re: RIS Server 2003 SP1 and XPSP2 issues
- Next by thread: Re: RIS Server 2003 SP1 and XPSP2 issues
- Index(es):
Relevant Pages
|
