Blog Archives

Can ping server while it boots, but ping fails after start – IPSEC service loading issue.

Have seen this problem more than 10 times, but last night it was the first on a hyper v hosted w2k3 machine.
You may ping the machine while it boots but it fails after it goes on the ctrl+alt+del.  A message for a failed service comes up and when you log in no network connectivity is present. 
As a matter of fact, the NIC works perfect, looks connected, packets come and go, but no ping in and out the machine!
This is due to a Microsoft update that I am currently in the process of finding it, that actually damages the policy concerning the IPSEC service.
I tried to understand if there was a problem with the nics. I revealed all hidden devices by running (admin privileges for w2k8) on command prompt:
set devmgr_show_nonpresent_devices=1
and then showed device manager by
start devmgmt.msc
After View>Show hidden devices
and removed all older nic driver installations that I did not need to.
Unfortunately this was not the case…. This issue is dealt FAR EASIER! If you examine carefully your event viewer you may find that there is something wrong with your IPSEC service, which apparently should appear with Automatic start, but not started on your services. You fire up your services console and disable the IPSEC service. Reboot your server and after it boots all network connections will have been restored.
It is likely that if you try to start the IPSEC service again (which is highly recommended for corporate environments) it will fail saying that it didn’t find the file needed.
You may find a good workaround on the link below

, but a simple
“regsvr32 polstore.dll”
(Without quoteon my command prompt did the job I needed. It actually repairs the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\IPsec\Policy\Local as the above article describes.

Change back the service from disabled to automatic and it should start if you try it manually. Make a reboot and check again. This worked for me, hope it does for you and go back home earlier than you expected!

Have a good day 🙂


The Microsoft VSS snapshot provider selected returned: "Unexpected provider error". Volume shadow copy creation: Attempt 1. "COM+ REGDB Writer" has reported an error 0x800423f4. This is part of System State. The backup cannot continue.

I came up to this error yesterday with a W2k3 SP2 DC/Exchange (also seen on W2k8).Volume shadow copy creation: Attempt 1. “COM+ REGDB Writer” has reported an error 0x800423f4. This is part of System State. The backup cannot continue.

Error returned while creating the volume shadow copy:800423f4
Aborting Backup.

The operation did not successfully complete.

This is actually a Microsoft VSS snapshot provider error (“Unexpected provider error”) causing the backup process to fail.

The resolution is quite simple if you are lucky and you don’t need to re-register COM+ objects.

Fire up dos prompt (Start>Run>Cmd) and give the following command:

C:\>vssadmin list writers

A list of the availiable writers will follow.

vssadmin 1.1 – Volume Shadow Copy Service administrative command-line tool
(C) Copyright 2001 Microsoft Corp.
Writer name: ‘System Writer’
Writer Id:…………………….
Writer Instance Id:……………..
State: [1] Stable
Last error: No error

Look carefully on this list. The writers with State: [1] Stable and Last error: No error are ok.

But if you see

State: [9] Failed
Last error: Retryable error

The writer having this is the problematic one.

In my case (with the backup failing) the following had a state of fail:

‘COM+ REGDB Writer’

If you are using BackupExec it is possible to find the following with error as well:

‘WMI Writer’
‘FRS Writer’

This is resolved easily like this.

The VSS Provider needs to be removed. Delete the associated registry key for the Provider Id by using the following DOS command:

C:\>REG DELETE “HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS\Providers\{xxxxxx}” /F

where xxxx is the provider id of the problematic vss provider/object.

Then simply restart the VSS service

C:\>net stop vss
The Volume Shadow Copy service is stopping.
The Volume Shadow Copy service was stopped successfully.

C:\>net start vss
The Volume Shadow Copy service is starting.
The Volume Shadow Copy service was started successfully

Remember that if you don’t try the windows backup the command “vssadmin list writers” will show as not in error. Try to start the backup again and check if it runs.

In another case I had to register the vss by using the following in a batch file.

cd /d %windir%\system32
Net stop vss
Net stop swprv
regsvr32 ole32.dll
regsvr32 oleaut32.dll
regsvr32 vss_ps.dll
vssvc /register
regsvr32 /i swprv.dll
regsvr32 /i eventcls.dll
regsvr32 es.dll
regsvr32 stdprov.dll
regsvr32 vssui.dll
regsvr32 msxml.dll
regsvr32 msxml3.dll
regsvr32 msxml4.dll

Hope this helps some of us. 🙂

%d bloggers like this: