ISA Server 2004 Enterprise Edition may stop responding if the firewall does not go into lockdown mode when MSDE logging fails (920893)

CAUSE

By default, when logging fails, ISA Server automatically goes into lockdown mode and stops the Microsoft Firewall Service. This problem occurs if you change this default behavior by using either of the following procedures:

You disable "Stop selected services settings" on the Log Failure alert properties. To check this setting in ISA Server Management, follow these steps:
1. Click the Monitoring node, and then click the Alerts tab.
2. In the Task pane, click Configure Alert Definitions.
3. Double-click the Log Failure alert, and verify that the Stop selected services checkbox is selected under the Actions tab.
You run the DisableLockdownOnLogFailure.vbs script that is available at the following Microsoft TechNet Web site:
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/disablelockdownonlogfailure.mspx

RESOLUTION

Hotfix information

A supported hotfix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Only apply it to systems that are experiencing this specific problem. This hotfix may receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next ISA Server 2004 service pack that contains this hotfix.

To resolve this problem immediately, contact Microsoft Product Support Services to obtain the hotfix. For a complete list of Microsoft Product Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

Note In special cases, charges that are ordinarily incurred for support calls may be canceled if a Microsoft Support Professional determines that a specific update will resolve your problem. The usual support costs will apply to additional support questions and issues that do not qualify for the specific update in question.

Prerequisites

ISA Server 2004 Service Pack 2 (SP2) must be installed before you install this hotfix.

Restart requirement

The following services are automatically stopped and then restarted when you install this hotfix:

Microsoft Firewall
ISA Server Control
ISA Server Job Scheduler
ISA Server Storage

Hotfix replacement information

This hotfix does not replace any other hotfixes.

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

File name	File version	File size	Date	Time	Platform
Comphp.dll	4.0.3443.618	167,784	13-Jun-2006	18:43	x86
Complp.dll	4.0.3443.618	63,336	13-Jun-2006	18:43	x86
msfpc.dll	4.0.3443.618	377,192	13-Jun-2006	18:43	x86
msfpccom.dll	4.0.3443.618	5,024,104	13-Jun-2006	18:43	x86
ratlib.dll	4.0.3443.618	40,808	13-Jun-2006	18:43	x86
msfpcsnp.dll	4.0.3443.618	4,656,488	13-Jun-2006	18:43	x86
mspadmin.exe	4.0.3443.618	282,984	13-Jun-2006	18:43	x86
msphlpr.dll	4.0.3443.618	405,352	13-Jun-2006	18:43	x86
mspmon.dll	4.0.3443.618	52,584	13-Jun-2006	18:43	x86
mspmsg.dll	4.0.3443.618	254,312	13-Jun-2006	18:43	x86
rpcfltr.dll	4.0.3443.618	130,920	13-Jun-2006	18:43	x86
w3filter.dll	4.0.3443.618	750,952	13-Jun-2006	18:43	x86
wspsrv.exe	4.0.3443.618	1,065,832	13-Jun-2006	18:43	x86