Server 2003 Blue Screen at Logon

I have a Dell 700 Server running Windows 2003 SP1 and acting as a domain
control on the other side of the world. The server works fine unless you
attempt to logon remotely (RPD) or locally. If you do it crashes and creates
a memory.dmp file. When you attempt to logon in again you get the crash
message.

System Failure: Stop Error
0x00000008 (0xc0000005, 0x809413c4, 0xf29098dc, 0x00000000)

No module or process is shown. The system doesn't have symbols loaded so
the crash analyser I have doesn't help.

The right thing to do is contact MS to get assistance. My manager won't let
me use one of our MS incidents because then she has to explain to her
management why she did it. (Big Company BS) :-(

So I've spend many hours trying to solve this remotely without help.

The server is up and running just fine. I can look at the event logs. I
can RCMD into the system so I have command line access. I also can remotely
mount drives and the registry. I can also access the Dell Server Assistant
and don't see any hardware errors. No drive problems or memory issues are
being reported.

So far nothing I've looked at has given me a clue.

As to what has been done to the box....

I'm not positive since SMS rolls out a number of patches and software
changes. I know that it has the most current version of Dell's firmware and
drivers. those were installed weeks ago and the system worked afterwards.
This same software has been installed on 7 other servers and haven't caused a
problem.

I did contact Dell and they have no known issues with the firmware or driver
updates.

Looking at the MS Patch log it looks like it's been missed for a number of
patches. It may have had some of the new patches and missed some of the
older ones. Maybe one needed an old patch and had issues because it was
missing. Just a thought of course.

Does it have a good backup? Maybe but since I can't log in I can't check.
Many of these servers have issues with the backup software because of a
change made by another admin. He's been fixing them but he's has a lot of
work to do since we have so many servers around the world.

So do you have any suggestions on how I can determine the issue and get this
rsolved over the network?

Any suggestions would be great.

Thanks
Rick Clapp (former SNA MVP)


.

Relevant Pages

  • Re: IIS Hack : Anyone explain cause...
    ... it looks like you cleaned up the server -- if you care about security, ... Microsoft tries and mostly succeeds to release patches PRIOR to ... weeks/months/years prior to exploitation. ... > protected rant as we all know that IIS and indeed lots of software has ...
    (microsoft.public.inetserver.iis)
  • Re: Is MSIE dead as a browser - if Microsoft does not patch it then it is as far as I am concerned!
    ... M$ issuing patches "PDQ" is ... >> files served by the web server. ... this vulnerability ... the installed patch ...
    (microsoft.public.security.virus)
  • Re: Oh, heres an interesting paper.....
    ... monitoring and maintaining all the patches and settings and ... applications to Web server software from other vendors, ... Microsoft's Windows Update site, windowsupdate.microsoft.com, was defaced ... The Code Red worm, which began its trail of destruction earlier this ...
    (comp.security.firewalls)
  • Re: Oh, heres an interesting paper.....
    ... monitoring and maintaining all the patches and settings and ... applications to Web server software from other vendors, ... Microsoft's Windows Update site, windowsupdate.microsoft.com, was defaced ... The Code Red worm, which began its trail of destruction earlier this ...
    (comp.security.firewalls)
  • Re: Open Ports....How to block them all....?
    ... > I keep it up to date with SP's and Patches but find that the server keeps ... Frequently this happens through an IIS ... Ways to secure your system are detailed at: ...
    (microsoft.public.inetserver.iis.security)