Cannot Connect to the ISA Server Array After You Rename Your Domain (819970)



The information in this article applies to:

  • Microsoft Internet Security and Acceleration Server 2000
  • Microsoft Windows Server 2003, Datacenter Edition
  • Microsoft Windows Server 2003, Enterprise Edition
  • Microsoft Windows Server 2003, Standard Edition
  • Microsoft Windows Small Business Server 2003, Premium Edition

SYMPTOMS

After you rename your Windows Server 2003 domain, you can no longer connect to your Internet Server and Acceleration (ISA) Server 2000 array. When you view the ISA services in the ISA Management utility, they have a status of Unavailable.

Therefore, you can no longer manage the ISA Server array.

CAUSE

This issue occurs because the original domain name value remains in use for the msFPCFQDN attribute in Active Directory.

RESOLUTION

To resolve this issue, modify the msFPCFQDN attribute on the following Active Directory object to reflect the fully qualified domain name (FQDN) of the new domain name:

CN=GUID of the ISA server in the renamed domain,CN=SERVERS,CN=GUID of ISA Server Array,CN=ARRAYS,CN=FPC,CN=SYSTEM,DC=renamed domain

To do this, follow these steps.
Warning If you use the ADSI Edit snap-in, the LDP utility, or any other LDAP version 3 client, and you incorrectly modify the attributes of Active Directory objects, you can cause serious problems. These problems may require you to reinstall Microsoft Windows 2000 Server, Microsoft Windows Server 2003, Microsoft Exchange 2000 Server, or both Windows and Exchange 2000 Server. Microsoft cannot guarantee that problems that occur if you incorrectly modify Active Directory object attributes can be solved. Modify these attributes at your own risk.
  1. Start the ADSI Edit utility. This utility is included with the Windows Support Tools. To install these tools, right-click Suptools.msi in the Support\Tools folder on the Windows Server 2003 CD-ROM, and then click Install. Follow the steps in the Windows Support Tools Setup Wizard to complete the installation of the Windows Support Tools components. To start ADSI Edit, click Start, click Run, type adsiedit.msc in the Open box, and then click OK.
  2. Expand the Domain container, expand DC=example,DC=com, expand CN=System, expand CN=Fpc, expand CN=Arrays, expand CN={GUID of ISA Server Array}, and then expand CN=Servers.
  3. Under CN=Servers, right-click CN={GUID of the ISA server in the renamed domain}, and then click Properties.
  4. In the Attribute list, click msFPCFQDN, and then click Edit.
  5. In the Value box, type the correct FQDN of the ISA server. For example, type server.example.com, where server is the name of the ISA Server-based server, and where example.com is the name of the renamed domain.
  6. Click OK, click Apply, click OK, and then quit the ADSI Edit utility.
  7. Permit sufficient time for the changes to replicate throughout the organization.

MORE INFORMATION

For additional information about how to install ISA Server 2000 on a Windows Server 2003-based computer, click the following article number to view the article in the Microsoft Knowledge Base:

331062 Running ISA Server on Windows Server 2003


Modification Type:MajorLast Reviewed:10/9/2003
Keywords:kbprb KB819970 kbAudITPRO