XP SP2 and RRAS mmc snap-in

From: Nickolay A. Kritsky (nkritsky_at_INTERNETHELP.RU)
Date: 09/08/04

  • Next message: Hahn, Frank: "XP SP2 - profile detection without GPO's ?"
    Date:         Wed, 8 Sep 2004 15:54:08 +0400

      Hello NTBUGTRAQ.

      Short summary:
      This is the report of degrading/loosing functionality of RRAS mmc
      snap-in after upgrading XPSP1 to XPSP2.

            First some background.
      Windows 2000 administrative tools are not for use on Windows XP.
      This is fully documented and stated as "this is by design" in MSDN.
      As a solution they advise you to install "Windows Server 2003
      Administrative Tools Pack" for administering AD/DNS/DHCP etc. But,
      in 2003 ATP they removed RRAS snap-in. So, if you are netwotk
      administrator and you are using XP Pro as your workstation you have
      to add RRAS snap-in from 2000 ATP by using command-line switches for
      adminpack.msi for administering your 2000 RRAS servers. That's what
      is written and that's what I have done. Everything worked. Until...
            I have installed XP SP2.
      After that, trying to run "Routing And Remote Access" snap-in I
      receive the following messagebox:
        Caption: "Remote Access Policies Error"
        Text: "An error occured while trying to get information for an
        attribute. The stub received bad data."
        Buttons: OK
      Pressing OK button results in another same messagebox. And so on,
      and you have to end task via Task Manager. I suppose that this
      behaviour is because of RPC/DCOM security enhancements in XP SP2 but
      my RPC debugging skills are on 0/-1 level.

      I have tried the registry fixes mentioned in
      http://support.microsoft.com/default.aspx?scid=kb;en-us;824835 -
      "Certain IDL constructs are marshaled and unmarshaled incorrectly by


      "List of Remote Procedure Call (RPC) fixes in Windows XP Service
      Pack 2"

      Still no luck. Can anyone shed the light on this, or show me the way
      for further debug? Maybe the easiest way will be the using old RPC
      dlls with this only snap-in?


    ; NKritsky
    ; mailto:nkritsky@internethelp.ru

    NTBugtraq Editor's Note:

    Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you'll have to copy their email address out of the message and place it in your TO: field.

  • Next message: Hahn, Frank: "XP SP2 - profile detection without GPO's ?"