[THIN] Re: Client disconnections due to security hotfix MS05- 019 and Windows Server 2003 SP1
- From: "BRUTON, Malcolm, FM" <Malcolm.BRUTON@xxxxxxxx>
- To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
- Date: Mon, 20 Jun 2005 13:06:46 +0100
Been stung by this too.
They have re-released ms05-19 this month.
Malcolm
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Rick Mack
Sent: 20 June 2005 12:40
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Client disconnections due to security hotfix MS05-019
and Windows Server 2003 SP1
Hi People,
About a month ago one of our customers started having problems with
remote terminal server users dropping off and not being able to
reconnect, but local users could still connect and work without
problems. The problem slowly became more severe, despite the fact the
the terminal server wasn't heavily loaded.
Tried upgrading to Windows 2003 SP1 and the problem became even worse.
Turns out to have been an MTU size issue (with XDSL connections)
induced by MSO5-019 and made worse by Windows 2003 SP1. After a period
of time the server/client thinks the remote host is unavailable due to
retransmissions and timeouts.
Microsoft have released a new hotfix to fix the problem. What they
don't mention is that it doesn't install on a server with Windows
2003 SP1. Had get another version that was compatible with 2003 SP1.
Anyway, the article:
KB Article 898060
Note that the Post SP1 hotfix is different to the one offered to fix
the problem.
Installing security update MS05-019 or Windows Server 2003 Service
Pack 1 may cause network connectivity between clients and servers to
fail
Network connectivity between clients and servers may fail. This
failure occurs after the installation of either security update
MS05-019 or Microsoft Windows Server 2003 Service Pack 1 (SP1). Any
one or more of the following symptoms may occur:
â Inability to connect to terminal servers or to file share access. â
Failure of domain controller replication across WAN links.
â Inability of Microsoft Exchange servers to connect to domain controllers.
These symptoms are more likely to occur in WAN and LAN scenarios.
These scenarios typically exist where routers and data-link level
protocols that have different Maximum Transmission Units (MTUs) are
used across the network. In this scenario, the sending host can
receive several Internet Control Message Protocol (ICMP) destination
unreachable messages that have MTU updates for a destination. These
symptoms are most likely to occur if the following conditions are
true:
1. During the PathMTUDiscovery process, several routers on the route
to the destination send MTU updates to the source host. One of the
possible reasons for this could be that source and destination hosts
are in different WAN segments. Additionally, these segments are
connected through a tunnel with a small MTU.
2. Network load balancing, dynamic routing, or both are used. In this
scenario, there are several possible routes to a destination that has
MTUs that are different from the MTU of the sending subnet and that
are different from each other. Therefore, changing the route of IP
packets over time can produce several MTU updates for the destination
address
regards,
Rick
Ulrich Mack
Volante Systems
N�ÂYÃÂÂ*hÅÃ+z�'ÅâÃÂ*'ÂâÃ�vââ)Ã>Â�rÃÂxâÃÂÂ-ÂÃ-ÂÂâÂ&ÂyÃËÅz/jÃÂÅÃ'r+-âÃ^iÃÂâÅÃÂ
'^ÂâÃyÂmÅgÂÂxÂÂÂÂÂÂÃÂÂ�rÃÂzÃÃj
ÂÂ[ÂÅâÃ~ÅÃLâÃÂÂ-ÂÃ-ÂÂÂâÃiÃÃ0ÃÃ"Åz/jÃÂÅÃ(âÃÂr+kâ�mâK�~ÃSâ)Ãâ'ÂÂ*&ÂÃbÅ�ÃÅK�ÂÃÂ
j)ZnWÅÂ�mÂÃÃâ)ÃzÃÃÅy,qÃââ)ÃÅHÅÂiÂÅ+r���âWÂÂ
BIÃÂr�ÅÂÂÃâ+bzÃmÂÅÃÃ
-â)ÃÅHÅÂahÂ
Ãâ+ÃÂÃ�ÅÃâÂÃÃmÃÂnÃ+âÂÂÂÃÂ
(�ÂÃ+UÂ�Â*'Åâ^ÂÃÂâÃÃâÅ%Åy!ÂÃÃÃbÅwÂÃÃÂÂ,eÅÃ\
***********************************************************************************
The Royal Bank of Scotland plc. Registered in Scotland No 90312. Registered
Office: 36 St Andrew Square, Edinburgh EH2 2YB.
Authorised and regulated by the Financial Services Authority
This e-mail message is confidential and for use by the
addressee only. If the message is received by anyone other
than the addressee, please return the message to the sender
by replying to it and then delete the message from your
computer. Internet e-mails are not necessarily secure. The Royal
Bank of Scotland plc does not accept responsibility for
changes made to this message after it was sent.
Whilst all reasonable care has been taken to avoid the
transmission of viruses, it is the responsibility of the recipient to
ensure that the onward transmission, opening or use of this
message and any attachments will not adversely affect its
systems or data. No responsibility is accepted by The Royal
Bank of Scotland plc in this regard and the recipient should carry
out such virus and other checks as it considers appropriate.
Visit our websites at:
http://www.rbs.co.uk/CBFM
http://www.rbsmarkets.com
********************************************************************************
********************************************************
This Weeks Sponsor: eg Innovations, Inc.
Enabling Proactive Infrastructure Triage eG Innovations, Inc. is the leading
provider of real-time monitoring and proactive triage solutions
for IT Infrastructures.
http://www.eginnovations.com/egcitrix.htm
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
ThinWiki community - Excellent SBC Search Capabilities!
http://www.thinwiki.com
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
Other related posts:
- » [THIN] Re: Client disconnections due to security hotfix MS05- 019 and Windows Server 2003 SP1