The official blog for Windows Server Essentials and Small Business Server support and product group communications.
[Today's post comes to us courtesy of Damian Leibaschoff and Wayne McIntyre]
We have seen some cases where the Network Policy Server service fails to start, when this happens, functionality provided by TS Gateway (used in RWW) or Routing and Remote Access (RRAS) will also stop working. Furthermore, we’ve also seen, that as part of the troubleshooting, partners are uninstalling the entire role, and when trying to re-install it fails.
How to identify you are experiencing this issue?
When starting the NPS service it fails with:
The following event is logged:
Log Name: System Source: Service Control Manager Date: 1/30/2009 11:36:35 AM Event ID: 7023 Task Category: None Level: Error Keywords: Classic User: N/A Computer: Description: The Network Policy Server service terminated with the following error: Unspecified error
If you try to start RRAS you get:
Log Name: System Source: Service Control Manager Date: 2/16/2009 1:34:37 PM Event ID: 7024 Task Category: None Level: Error Keywords: Classic User: N/A Computer: Description: The Routing and Remote Access service terminated with service-specific error 16389 (0x4005).
If you try to re-install the Role service you get:
Network Policy and Access Services Network Policy Server Network Policy and Access Services: Installation failed <Error>: Attempt to install Network Policy Server failed with error code 0x80070643. Fatal error during installation The following role services were not installed: Network Policy Server
In the servicing logs you see:
ServerManager.log 5316: 2009-01-29 12:06:25.902 [CBS] ...current state of 'IAS NT Service': p: Staged, a: Staged, s: UninstallRequested 5316: 2009-01-29 12:06:25.902 [CBS] ...setting state of 'IAS NT Service' to 'InstallRequested' 5316: 2009-01-29 12:06:25.919 [CBS] ...'IAS NT Service' : applicability: Applicable 5316: 2009-01-29 12:07:05.658 [CbsUIHandler] Initiate: 5316: 2009-01-29 12:07:08.975 [InstallationProgressPage] Installing... 5316: 2009-01-29 12:08:54.092 [CbsUIHandler] Error: -2147023293 : 5316: 2009-01-29 12:08:54.093 [CbsUIHandler] Terminate: 5316: 2009-01-29 12:08:54.093 [CBS] Error (Id=0) Function: 'NativeMethods.GetPackageStatus(out status)' failed: 80070643 (-2147023293) 5316: 2009-01-29 12:08:54.094 [CBS] ...done installing 'IAS NT Service '. Status: -2147023293 (80070643) 5316: 2009-01-29 12:08:54.094 [InstallationProgressPage] Verifying installation... 5316: 2009-01-29 12:08:54.194 [Provider] Skipped configuration of 'NetworkPolicyServer' because install operation failed. cbs.log 2009-01-29 12:07:27, Error CSI 00000001 (F) Logged @2009/1/29:12:07:26.752 : [ml:96{48},l:94{47}]"Attempting to start service {IAS} synchronously" [gle=0x80004005] 2009-01-29 12:07:27, Error CSI 00000002 (F) Logged @2009/1/29:12:07:27.753 : [ml:260{130},l:258{129}]"Service did not run. Current state (3) Exit code (-2147467259) Service specific exit code (0) Check point (1) Wait hint (300000) " [gle=0x80004005] 2009-01-29 12:07:27, Error CSI 00000003@2009/1/29:12:07:27.864 (F) CMIADAPTER: Inner Error Message from AI HRESULT = E_FAIL [ [19]"Unspecified error" ] [gle=0x80004005]
The problem can happen when the NPS service tries to register it’s VSS writer and finds that it does not have enough rights to do so.
To resolve this:
We are investigating why the value would be 0 instead of 1. At this time we have identified that uninstalling WSS 3.0 will cause the value to change to 0, there are other interactions that could lead to this value getting changed. We will update this post once we have more information.
PingBack from http://www.ditii.com/2009/02/21/troubleshooting-network-policy-server-service-ias-fails-to-start-or-be-installed/
I am experiencing this exact problem - BUT the registry key discussed was set correctly...
also discussed here:
http://social.technet.microsoft.com/Forums/en-US/winserverNAP/thread/a987cf99-7f7c-4bbc-b8fd-e262a61db1f9/
That was sweet, that solved my problem.
Must have something to do with WSS, because that is something we did. We uninstalled WSS and reinstalled.
Worked like a charm! Thanks :)
It was to do with the WSS uninstall.
Same problem here, but WSS is not installed, "NT AUTHORITY\NETWORK SERVICE" was already at "1", and iashost.exe is not running.
I can confirm that removing WSS 3.0 from the SBS 2008 server causes the specified registry value to go to 0 from 1.
Also this is weird and needs to be fixed. On a clean installed SBS 2008 server, RDP starts working right after you see the "press ctrl + alt + del" screen. BUT after you remove wss 3.0 from the server, you CANNOT RDP into the server till about 6-7 minutes after you see the "press ctrl + alt + del" screen..
I know this has to do with more changes WSS 3.0 does because the problem occurs immediately after WSS was removed.
SBS team, please look into this problem and if you find a solution please post it here for all of us..
Thanks!!
Vinod Madabushi
I had the Same Problem but my registry key was already set to 1. Disabling the WWW Publishing Service enable me to install it.