Wednesday, March 4, 2009

IAS Server Crashes Randomly 

IAS server crashes when a user tries to authenticate to the network. Irrespective weather the authentication is for 802.1x Wired / Wireless or VPN.
The following Event ID can be found in the System Log.
Event Type: Error
Event Source: Application Error
Event Category: (100)
Event ID: 1000
Date:  2/27/2009
Time:  2:19:05 PM
User:  N/A
Computer: SERVER
Description:
Faulting application svchost.exe, version 5.2.3790.3959, faulting module iassam.dll, version 5.2.3790.4242, fault address 0x0000ec89.

Data:
0000: 41 70 70 6c 69 63 61 74   Applicat
0008: 69 6f 6e 20 46 61 69 6c   ion Fail
0010: 75 72 65 20 20 73 76 63   ure  svc
0018: 68 6f 73 74 2e 65 78 65   host.exe
0020: 20 35 2e 32 2e 33 37 39    5.2.379
0028: 30 2e 33 39 35 39 20 69   0.3959 i
0030: 6e 20 69 61 73 73 61 6d   n iassam
0038: 2e 64 6c 6c 20 35 2e 32   .dll 5.2
0040: 2e 33 37 39 30 2e 34 32   .3790.42
0048: 34 32 20 61 74 20 6f 66   42 at of
0050: 66 73 65 74 20 30 30 30   fset 000
0058: 30 65 63 38 39            0ec89
Resolution: 
This is generally caused by a corrupt IAS database. The best thing is to try and re-create the IAS database. However it the service starts and stops immediately then deleting the old policies and re-creating them is going to be a tough one. 
So what i suggest is that we replace the files involved. Here is how we go about achieving this.
Get a copy of the CD for your OS or an I386 dump. Either one will serve the purpose well. 
Then use the ‘expand’ command to decompress the files from the CD/I386 distro to the System32. Just to be on the safe side, make sure to backup the old files.
Backing Up the old files:
 C:\> ren %windir%\system32\ias\dnary.mdb %windir%\system32\ias\dnary.mdb.old
 C:\> ren %windir%\system32\ias\ias.mdb %windir%\system32\ias\ias.mdb.old
 C:\> ren %windir%\system32\iassam.dll %windir%\system32\ias\iassam.dll.old
Now to expand the files. In Command Prompt navigate to the I386 Folder of your OS’s CD or the distro. (For example my I386 folder is in the ‘D’ drive.)
D:\I386> expand dnary.md_ %windir%\system32\ias\dnary.mdb

D:\I386>expand ias.md_ %windir%\system32\ias\ias.mdb


D:\I386>expand iassam.dl_ %windir%\system32\iassam.dll

Then register the ‘iassam.dll’ using regsvr32. [regsvr32 iassam.dll /s]

Start the IAS service. Using ‘Services.msc’ or ‘net start ias’

Oops!!! Almost forgot to add... Don't Forget to Register IAS in AD.

This should solve you issue. Now have your users try to authenticate. They should be able to login just fine.

Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)