ISA 服务器遭遇 RPC 故障-白红宇

决定在 Blog 上有限地与大家公开分享我为网友解答问题及排错的经验和心得。这里需要注意标题中的 Q&A&T，他们分别是 Question；Answer；TroubleShooting 的缩写，其中要多加个 T 意在表示这个问题解答中包含排错的经验和心得。

网友Q：一台 ISA 服务器为 AD 成员，之前 ISA 运行良好，最近 ISA 总报 RPC 错误，无法登录到 AD?

A&T：首选需要检查日志中是否有可疑的警告或错误事件报告，经过查阅发现一条来源：Winlogon，事件ID：1219的错误警告。

在描述中明确指出RPC服务不可用，说明RPC及相关的服务出现了故障，使用addiag、dcdiag、netdiag分别作了测试，其中netdiag中检测到了可疑信息。

D:\Support Tools>netdiag

...................................

Computer Name: ISA

DNS Host Name: isa.contoso.com

System info : Windows 2000 Server (Build 3790)

Processor : x86 Family 15 Model 4 Stepping 3, GenuineIntel

List of installed hotfixes :

KB911564

KB925398_WMP64

KB925876

KB925902

KB930178

KB931768

KB931784

KB931836

KB932168

Q147222

Netcard queries test . . . . . . . : Passed

[WARNING] The net card 'RAS 同步适配器' may not be working because it has no

t received any packets.

GetStats failed for '直接并口'. [ERROR_NOT_SUPPORTED]

GetStats failed for 'WAN 微型端口 (PPTP)'. [ERROR_NOT_SUPPORTED]

GetStats failed for 'WAN 微型端口 (PPPOE)'. [ERROR_NOT_SUPPORTED]

[WARNING] The net card 'WAN 微型端口 (IP)' may not be working because it has

not received any packets.

GetStats failed for 'WAN 微型端口 (L2TP)'. [ERROR_NOT_SUPPORTED]

[WARNING] The net card 'Intel(R) PRO/1000 MT Network Connection' may not be

working.

Per interface results:

Adapter : contoso

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : isa

IP Address . . . . . . . . : 10.194.145.2

Subnet Mask. . . . . . . . : 255.255.255.0

Default Gateway. . . . . . :

NetBIOS over Tcpip . . . . : Disabled

Dns Servers. . . . . . . . : 10.194.145.5

10.194.145.8

AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Skipped

[WARNING] No gateways defined for this adapter.

NetBT name test. . . . . . : Skipped

NetBT is disabled on this interface. [Test skipped]

WINS service test. . . . . : Skipped

NetBT is disable on this interface. [Test skipped].

Adapter : Internet

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : isa

IP Address . . . . . . . . : 202.202.202.2

Subnet Mask. . . . . . . . : 255.255.255.248

Default Gateway. . . . . . : 202.202.202.1

NetBIOS over Tcpip . . . . : Disabled

Dns Servers. . . . . . . . : 202.202.202.202

IpConfig results . . . . . : Failed

[WARNING] Your default gateway is not on the same subnet as your IP

address.

AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Passed

NetBT name test. . . . . . : Skipped

NetBT is disabled on this interface. [Test skipped]

WINS service test. . . . . : Skipped

NetBT is disable on this interface. [Test skipped].

Adapter : VPDN

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : isa

IP Address . . . . . . . . : 10.194.146.129

Subnet Mask. . . . . . . . : 255.255.255.192

Default Gateway. . . . . . :

NetBIOS over Tcpip . . . . : Disabled

Dns Servers. . . . . . . . :

AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Skipped

[WARNING] No gateways defined for this adapter.

NetBT name test. . . . . . : Skipped

NetBT is disabled on this interface. [Test skipped]

WINS service test. . . . . : Skipped

NetBT is disable on this interface. [Test skipped].

Adapter : DMZ

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : isa

IP Address . . . . . . . . : 172.16.0.1

Subnet Mask. . . . . . . . : 255.255.255.0

Default Gateway. . . . . . :

NetBIOS over Tcpip . . . . : Disabled

Dns Servers. . . . . . . . :

AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Skipped

[WARNING] No gateways defined for this adapter.

NetBT name test. . . . . . : Skipped

NetBT is disabled on this interface. [Test skipped]

WINS service test. . . . . : Skipped

NetBT is disable on this interface. [Test skipped].

Adapter : EP

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : isa

IP Address . . . . . . . . : 172.18.145.18

Subnet Mask. . . . . . . . : 255.255.255.248

Default Gateway. . . . . . :

NetBIOS over Tcpip . . . . : Disabled

Dns Servers. . . . . . . . :

AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Skipped

[WARNING] No gateways defined for this adapter.

NetBT name test. . . . . . : Skipped

NetBT is disabled on this interface. [Test skipped]

WINS service test. . . . . : Skipped

NetBT is disable on this interface. [Test skipped].

Adapter : JL

Netcard queries test . . . : Failed

NetCard Status: DISCONNECTED

Some tests will be skipped on this interface.

Host Name. . . . . . . . . : isa

IP Address . . . . . . . . : 0.0.0.0

Subnet Mask. . . . . . . . : 0.0.0.0

Default Gateway. . . . . . :

NetBIOS over Tcpip . . . . : Disabled

Dns Servers. . . . . . . . :

Adapter : {6981CD9A-AA04-4FEE-8986-0B672B1A35BE}

Netcard queries test . . . : Passed

Host Name. . . . . . . . . : isa

IP Address . . . . . . . . : 10.194.146.65

Subnet Mask. . . . . . . . : 255.255.255.255

Default Gateway. . . . . . :

Dns Servers. . . . . . . . :

AutoConfiguration results. . . . . . : Passed

Default gateway test . . . : Skipped

[WARNING] No gateways defined for this adapter.

NetBT name test. . . . . . : Passed

[WARNING] At least one of the <00> 'WorkStation Service', <03> 'Messenge
r Service', <20> 'WINS' names is missing.
No remote names have been found.

WINS service test. . . . . : Skipped
There are no WINS servers configured for this interface.

Global results:

Domain membership test . . . . . . : Passed

NetBT transports test. . . . . . . : Passed

List of NetBt transports currently configured:

NetBT_Tcpip_{6981CD9A-AA04-4FEE-8986-0B672B1A35BE}

1 NetBt transport currently configured.

Autonet address test . . . . . . . : Passed

IP loopback ping test. . . . . . . : Passed

Default gateway test . . . . . . . : Passed

NetBT name test. . . . . . . . . . : Passed
[WARNING] You don't have a single interface with the <00> 'WorkStation Servi
ce', <03> 'Messenger Service', <20> 'WINS' names defined.

Winsock test . . . . . . . . . . . : Passed

DNS test . . . . . . . . . . . . . : Passed

Redir and Browser test . . . . . . : Failed
    List of NetBt transports currently bound to the Redir
        NetBT_Tcpip_{6981CD9A-AA04-4FEE-8986-0B672B1A35BE}
    The redir is bound to 1 NetBt transport.

    List of NetBt transports currently bound to the browser
        NetBT_Tcpip_{6981CD9A-AA04-4FEE-8986-0B672B1A35BE}
    The browser is bound to 1 NetBt transport.
    [FATAL] Cannot send mailslot message to '\contoso*MAILSLOTNETNETLOGON' vi
a redir. [ERROR_BAD_NETPATH]

DC discovery test. . . . . . . . . : Passed

DC list test . . . . . . . . . . . : Failed
'contoso': No DCs are up.

Trust relationship test. . . . . . : Failed
'contoso': No DCs are up (Cannot run test).
Secure channel for domain 'contoso' is to '\WSUS.contoso.com'.

Kerberos test. . . . . . . . . . . : Skipped

LDAP test. . . . . . . . . . . . . : Passed

[WARNING] Failed to query SPN registration on DC 'fileserver.contoso.com'.
[WARNING] Failed to query SPN registration on DC 'WSUS.contoso.com'.

Bindings test. . . . . . . . . . . : Passed

WAN configuration test . . . . . . : Skipped

No active remote access connections.

Modem diagnostics test . . . . . . : Passed

IP Security test . . . . . . . . . : Skipped

Note: run "netsh ipsec dynamic show /?" for more detailed information

The command completed successfully

D:\Support Tools>

从上述错误中可以看到一些服务器因 NetBT 故障导致运行错误，运行"Services.msc"进入服务管理器检查并允许自动运行"TCP/IP NetBIOS helper"服务，之后发现问题依然存在。继续检查内网连接的网卡TCP/IP属性配置下“高级”-“WINS”-“NetBIOS 设置”，应确保内部网卡启用“默认”设置或“启用 TCP/IP 上的 NetBIOS”设置。

因管理员之前为了保证 ISA 的安全，禁用了“TCP/IP NetBIOS helper”服务，并且在TCP/IP高级属性中启用了“禁用 TCP/IP 上的 NetBIOS”（之前询问时管理员一直未回忆起进行过该项操作！:-)），导致 RPC 故障。经过恢复配置该问题得到了解决。建议，因为 ISA 为 AD 成员，所以因该保留内部网卡的TCP/IP配置，并为每个外部网卡单独配置“禁用 TCP/IP 上的 NetBIOS”，无须禁用“TCP/IP NetBIOS helper”服务。

本文转自苏繁 51CTO博客，原文链接：http://blog.51cto.com/goxia/224003，如需转载请自行联系原作者