[THIN] Re: Sasser patch b0rk me.

  • From: "Nikolic, Aleks" <ANikolic@xxxxxxxxxxxxxxxxxxx>
  • To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
  • Date: Wed, 9 Jun 2004 14:09:43 +0200

It seems that we found the problem in our farm. Turned out to be one of the
Terminal Servers that blocked access from it to the other two servers. 

There were no obvious problems found on this server..something just seemed
to be broke..! It was also hard to determine that it was in fact 1 terminal
server that gave the problems because users sometimes didn't report the
problem, rebooted the system and would get re-directed to another server
which did not have any issues. After we found it, we just rolled a
ghostimage back on the server and everything was fine...
Thanks everybody for the input (and Steve in special for giving the hint to
look at server where the user was coming from)!

Regards,

Aleks
- - - 

-----Oorspronkelijk bericht-----
Van: Ryan Lambert [mailto:rlambert@xxxxxxxxxxxxxxx] 
Verzonden: dinsdag 1 juni 2004 14:23
Aan: thin@xxxxxxxxxxxxx
Onderwerp: [THIN] Re: Sasser patch b0rk me.


Indeed, I am both off the phone and gray/bald.

It seems somewhere around the time that my client applied this patch, their
ISP was also making changes to their backbone. (Figures?) So, at the end of
this all... it turned out to not even be an issue with the licensing server.
No neenering, Nick. ;-)

The problem turned out to be...

Eventlog was indicating that the Terminal Server could not issue a client
license, and the permanent licenses were in fact not being issued.=20

Each time the Neoware was reset back to factory defaults, it took a
temporary license. This is natural. The first time you log in a temporary
license is taken, the second time a permanent license is issued. The size of
a permanent license is greater than a temporary license (in bytes). One of
the routers on our client's ISP's network had a MTU of 1024 set, which was
fragmenting data. Because of this, the TS and the device were having trouble
negotiating a permanent license, because the data can not come over
separated as it was and be considered valid.

We were able to identify which router by pinging each host through the
traceroute with the -f -l 997 options. After we addressed this issue, the
problem was resolved and licenses were being issued as normal.

Fricking. A.


-----Original Message-----
From: Nikolic, Aleks [mailto:ANikolic@xxxxxxxxxxxxxxxxxxx]=20
Sent: Tuesday, June 01, 2004 5:07 AM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: Sasser patch b0rk me.

No, But licensing should NOT be an issue at this stage. We ran a lsreport
and the licensing database is working as it should. If it does turn out to
be licensing, I don't know what I'm going to do with Bill, but its gonna be
bad!!!

I'm also curious if Ryan is off the phone already with MS and turned
gray/bald..?

TIA

-----Oorspronkelijk bericht-----
Van: Danny Clarke [mailto:Danny@xxxxxxxxxx]=20
Verzonden: dinsdag 1 juni 2004 10:32
Aan: 'Thin@xxxxxxxxxxxxx'
Onderwerp: [THIN] Re: Sasser patch b0rk me.


Have you tried the following:

Delete the following keys (having backed them up first)
HKLM\system\CCS\Services\TermService\Parameters

*Certificate
*X509 Certificate
*X509 Certificate ID
********************************************************
This Week's Sponsor - Tarantella Secure Global Desktop Tarantella Secure
Global Desktop Terminal Server Edition Free Terminal Service Edition
software with 2 years maintenance. http://www.tarantella.com/ttba
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or=20
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - Tarantella Secure Global Desktop Tarantella Secure
Global Desktop Terminal Server Edition Free Terminal Service Edition
software with 2 years maintenance. http://www.tarantella.com/ttba
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
********************************************************
This Week's Sponsor - RTO Software / TScale What's keeping
you from getting more from your terminal servers? Did you
know, in most cases, CPU Utilization IS NOT the single
biggest constraint to scaling up?! Get this free white paper
to understand the real constraints & how to overcome them.
SAVE MONEY by scaling-up rather than buying more servers.
http://www.rtosoft.com/Enter.asp?ID=147
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm

Other related posts: