RE: RPC Data Blocked in W03SP1
- From: "Roy Tsao" <roy_tsao@xxxxxxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Thu, 22 Sep 2005 22:38:58 -0600
Few people did domain test through VMnet, so this bug is not widely
known by VMare users. There is one post in Vmare discussion forum
"http://www.vmware.com/community/thread.jspa?threadID=21969&tstart=0";
and also one more post in newsgroup of microsoft in "windows server Active
directory" (search keyword "forest trust") section.
Initially I had this bug in GSX3.2, and then I re-produce it in
workstation
5.0. To ensure this is bug, I put two DC in one VMnet to test trust
creatation, both Worktation 5.0 & Best version 5.5 could not pass the
test.
Those are the information source, you can be a one more source too:)
Thanks,
Roy Tsao
> Hi Roy,
>
> That is very interesting! Where did you find the information regarding
> the VMware bug?
>
> Thanks!
> Tom
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> Book: http://tinyurl.com/3xqb7
> MVP -- ISA Firewalls
>
> =20
>
> > -----Original Message-----
> > From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx]=20
> > Sent: Thursday, September 22, 2005 10:30 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: RPC Data Blocked in W03SP1
> >=20
> > http://www.ISAserver.org
> >=20
> > Dear Jim,
> >=20
> > The reported trouble was identified as the bug of VMware (both
> > in Workstation 5.0 & GSX Server 3.2) though those two shall fully
> > support Win03 SP1 as guest OS.
> > So when build up domain or forest trust under Win03 SP1,=20
> > current VMware
> > software is not workable (VPC is okay).
> >=20
> > Dear Tom,
> >=20
> > I suppose you are the fan of VMare, so you may find this bug in your
> > VMLab too.
> >=20
> > =20
> >=20
> > > Dear Jim,
> > >=20
> > > There was no rule action in the logs for RPC protocol
> > > when I tried to set up domain trust!
> > >=20
> > > Besides, after update "Domain Local" from W03 into W03 SP1,
> > > the used to work one way trust from "Domain Local"
> > > to "Domain Remote" fails, whenever I try to setup=20
> > > domain trust, it indicates local security authority can't
> > > have RPC communication with DC.
> > >=20
> > > According to MS KB899148, there seems a hotfix to correct
> > > Rpcrt4.dll into higher version, is my problom really
> > > linked to the KB and that hotfix.
> > >=20
> > > Thanks,
> > >=20
> > > Roy Tsao
> > >=20
> > >=20
> > >=20
> > >=20
> > > > You'll find rule action in the logs.
> > > > Scan there for RPC protocol.
> > > >=20
> > > > -------------------------------------------------------
> > > > Jim Harrison
> > > > MCP(NT4, W2K), A+, Network+, PCG
> > > > http://isaserver.org/Jim_Harrison/
> > > > http://isatools.org
> > > > Read the help / books / articles!
> > > > -------------------------------------------------------
> > > > =20
> > > >=20
> > > > -----Original Message-----
> > > > From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx]=20
> > > > Sent: Sunday, June 12, 2005 22:56
> > > > To: [ISAserver.org Discussion List]
> > > > Subject: [isalist] RE: RPC Data Blocked in W03SP1
> > > >=20
> > > > http://www.ISAserver.org
> > > >=20
> > > > I could not see a rule ban the connection.
> > > >=20
> > > > To explain in more details,=20
> > > > ISA SP1 local <--> ISA SP1 remote (s2s VPN/ route=20
> > relationship)
> > > > DC Loal Win03 DC Remote Win03SP1
> > > > Rule at both end:
> > > > DC Local <->DC Remote All Allowed
> > > >=20
> > > > Outbound Trust at DC Local -> DC Remote Okayed
> > > > Inbound Trust at DC Remote <- DC Local Failed
> > > >=20
> > > > =20
> > > > > Correction - this patch requires SP1.
> > > > > SP1 should have corrected the problem you're seeing.
> > > > > Are you absolutely, positively certain that it's not a=20
> > rule action?
> > > > >=20
> > > > > -------------------------------------------------------
> > > > > Jim Harrison
> > > > > MCP(NT4, W2K), A+, Network+, PCG
> > > > > http://isaserver.org/Jim_Harrison/
> > > > > http://isatools.org
> > > > > Read the help / books / articles!
> > > > > -------------------------------------------------------
> > > > > =20
> > > > >=20
> > > > > -----Original Message-----
> > > > > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]=20
> > > > > Sent: Sunday, June 12, 2005 19:37
> > > > > To: [ISAserver.org Discussion List]
> > > > > Subject: [isalist] RE: RPC Data Blocked in W03SP1
> > > > >=20
> > > > > http://www.ISAserver.org
> > > > >=20
> > > > > Do you have ISA 2004 SP1 installed?
> > > > > The RPC fix is part of that release.
> > > > >=20
> > > > > -------------------------------------------------------
> > > > > Jim Harrison
> > > > > MCP(NT4, W2K), A+, Network+, PCG
> > > > > http://isaserver.org/Jim_Harrison/
> > > > > http://isatools.org
> > > > > Read the help / books / articles!
> > > > > -------------------------------------------------------
> > > > > =20
> > > > > -----Original Message-----
> > > > > From: Roy Tsao [mailto:roy_tsao@xxxxxxxxxxxx]=20
> > > > > Sent: Sunday, June 12, 2005 19:33
> > > > > To: [ISAserver.org Discussion List]
> > > > > Subject: [isalist] RPC Data Blocked in W03SP1
> > > > >=20
> > > > > http://www.ISAserver.org
> > > > >=20
> > > > > Hi,
> > > > >=20
> > > > > MS KB897716 indicates RPC data being blocked due to=20
> > imcompatible RPC
> > > > > filter between ISA2K4 and W03SP1. Does anybody have=20
> > problem to set
> > > > > up domain trust (W03 vs. W03SP1) through ISA!
> > > > > Actually I could setup outbound trust from W03 -> W03SP1, but=20
> > > > > when config W03SP1 -> W03 inbound trust, it failed!
> > > > > Is that the same type of problem as outlook on W03SP1=20
> > and same patch
> > > > > will resolve the problem?
> > > > >=20
> > > > > Thanks
> > > > >=20
> > > > > ------------------------------------------------------
> > > > > List Archives:=20
> > http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > > > > ISA Server Newsletter:=20
> > http://www.isaserver.org/pages/newsletter.asp
> > > > > ISA Server FAQ:=20
> > http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> > > > > ------------------------------------------------------
> > > > > Other Internet Software Marketing Sites:
> > > > > World of Windows Networking: http://www.windowsnetworking.com
> > > > > Leading Network Software Directory: http://www.serverfiles.com
> > > > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > > > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > > > Network Security Library: http://www.secinf.net/
> > > > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > > > ------------------------------------------------------
> > > > > You are currently subscribed to this ISAserver.org=20
> > Discussion List as:
> > > > > jim@xxxxxxxxxxxx
> > > > > To unsubscribe visit
> > > > http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > > >=20
> > > > > All mail to and from this domain is GFI-scanned.
> > > > >=20
> > > > >=20
> > > > > ------------------------------------------------------
> > > > > List Archives:=20
> > http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > > > > ISA Server Newsletter:=20
> > http://www.isaserver.org/pages/newsletter.asp
> > > > > ISA Server FAQ:=20
> > http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> > > > > ------------------------------------------------------
> > > > > Other Internet Software Marketing Sites:
> > > > > World of Windows Networking: http://www.windowsnetworking.com
> > > > > Leading Network Software Directory: http://www.serverfiles.com
> > > > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > > > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > > > Network Security Library: http://www.secinf.net/
> > > > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > > > ------------------------------------------------------
> > > > > You are currently subscribed to this ISAserver.org=20
> > Discussion List as:
> > > > > jim@xxxxxxxxxxxx
> > > > > To unsubscribe visit
> > > > http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > > >=20
> > > > > All mail to and from this domain is GFI-scanned.
> > > >=20
> > > > ------------------------------------------------------
> > > > List Archives: =
> http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > > > ISA Server Newsletter:=20
> > http://www.isaserver.org/pages/newsletter.asp
> > > > ISA Server FAQ:=20
> > http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> > > > ------------------------------------------------------
> > > > Other Internet Software Marketing Sites:
> > > > World of Windows Networking: http://www.windowsnetworking.com
> > > > Leading Network Software Directory: http://www.serverfiles.com
> > > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > > Network Security Library: http://www.secinf.net/
> > > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > > ------------------------------------------------------
> > > > You are currently subscribed to this ISAserver.org=20
> > Discussion List as:
> > > > jim@xxxxxxxxxxxx
> > > > To unsubscribe visit=20
> > http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > > > Report abuse to listadmin@xxxxxxxxxxxxx
> > > >=20
> > > > All mail to and from this domain is GFI-scanned.
> >=20
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion=20
> > List as: tshinder@xxxxxxxxxxxxxxxxxx
> > To unsubscribe visit=20
> > http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >=20
> >=20
Other related posts:
