XP SP2 - WU client 2.0 not properly authenticating itself against ISA Server 2000

From: Kelly N (kn_at_CENTRALCOMPLEX.COM)
Date: 08/20/04

  • Next message: Dallman, John: "Re: XPSP2 - DEP"
    Date:         Fri, 20 Aug 2004 10:29:33 -0500
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Russ,

    After installing SP2 on XP, windows update no longer worked on those
    workstations. All of our workstations are behind an ISA 2000 SP2 server
    which requires authentication from the client before it will allow access
    to the internet. The error code shown on the windows update page was
    0x80244021. There were no articles in the Kbase regarding that error.
    After browsing the ISA logs, we found that in our case the WU client 2.0
    does not properly authenticate with the ISA server. During
    authentication, the WU client identifies itself as "Domain\" instead of
    "Domain\UserName". Authentication fails and then Windows Update fails and
    issues the error. Of course WU is still working fine on all other
    versions of Windows 2000 and XP. We have temporarily bypassed this
    problem by creating a rule in ISA which allows the client to access the
    internet without having to authenticate first. Of course this is not a
    solution that we prefer. We would prefer that the WU client properly
    authenticate with ISA. We contacted Microsoft but there was no word on
    whether the client would be fixed or not and our trouble ticket was closed
    since our temporary fix has allowed our client to successfully use WU
    through ISA. I am unaware of how rare or common this problem is in other
    companies running XP SP2 & ISA 2000.

    Kelly N
    Network Administrator

    -----
    NTBugtraq Editor's Note:

    Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you'll have to copy their email address out of the message and place it in your TO: field.
    -----


  • Next message: Dallman, John: "Re: XPSP2 - DEP"

    Relevant Pages

    • Re: Windows Update v5 issues and workaround
      ... MVP -- ISA Firewalls ... There are two NTLM authentication issues affecting WU v5 when WU uses web ... - Disable authentication for Windows Update requests. ... When Apply New Configuration dialog reports "Changes to the ...
      (microsoft.public.isa.enterprise)
    • Re: Windows Update v5 issues and workaround
      ... MVP -- ISA Firewalls ... There are two NTLM authentication issues affecting WU v5 when WU uses web ... - Disable authentication for Windows Update requests. ... When Apply New Configuration dialog reports "Changes to the ...
      (microsoft.public.isaserver)
    • Re: Windows Update v5 issues and workaround
      ... MVP -- ISA Firewalls ... There are two NTLM authentication issues affecting WU v5 when WU uses web ... - Disable authentication for Windows Update requests. ... When Apply New Configuration dialog reports "Changes to the ...
      (microsoft.public.isa)
    • Re: Windows Update v5 issues and workaround
      ... MVP -- ISA Firewalls ... There are two NTLM authentication issues affecting WU v5 when WU uses web ... - Disable authentication for Windows Update requests. ... When Apply New Configuration dialog reports "Changes to the ...
      (microsoft.public.isa.configuration)
    • Re: Windows Update v5 issues and workaround
      ... MVP -- ISA Firewalls ... There are two NTLM authentication issues affecting WU v5 when WU uses web ... - Disable authentication for Windows Update requests. ... When Apply New Configuration dialog reports "Changes to the ...
      (microsoft.public.isa.clients)