It’s rare to see an SBS 2003 box still in production, but there are a few companies that are eeking the most out of their investment and haven’t upgraded yet.
On one of the the SBS 2003 boxes I support I had an interesting issue after a reboot today, the server had no network access, no DNS, no IP traffic, nothing.
After a bit of investigation it turns out to be an issue with a security update for DNS (KB953230). This issue is that DNS starts to listen on a port required by another service and hence the service fails to start.
In our instance today, the service which failed to start was IPSEC, so the server went into blocked mode, and prevented all TCP/IP traffic.
The Event Log generated the following errors; Event ID 7023
And Event ID 4292.
The quick fix it to stop the DNS server, start the IPSEC Services, then start the DNS Server.
The long term fix is to add a list of ports to an exception list so that they won’t be used by the DNS Server. This can be found in the registry at HKLMSYSTEMCurrentControlSetServicesTcpipParametersReservedPorts.
Full details can be found here in KB956189