An update is available to prevent Configuration Storage server account settings from expiring when you use certificate authentication in ISA Server 2004, Enterprise Edition

This article describes an ISA Server 2004, Enterprise Edition update that you can install to prevent ADAM account settings from expiring on your Configuration Storage server.

Note Install this update only on a computer that is running Microsoft Windows Server 2003.

To resolve this problem, obtain the latest service pack for Internet Security and Acceleration Server 2004. For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Internet Security and Acceleration Server 2004 Service Pack 2.

When ISA Server 2004, Enterprise Edition uses certificate authentication between array members and the Configuration Storage server, ADAM account settings that are used during the authentication process may expire. When these account settings expire, the connection between your array members and the Configuration Storage server is broken. In this scenario, the following event is logged in the Application log on the ISA Server computer:

Event Source: Microsoft ISA Server Control
Event ID: 21238
Date: date
Time: time
Type: Warning
User: N/A
Computer: ServerName
Description: ISA Server cannot connect to the Configuration Storage server ConfigurationStorageServer.example.com for one of the following reasons:
- The Configuration Storage server is not available.
- General networking or authentication issues.
- A policy misconfiguration on the array.

For information on resolving these issues, see "Troubleshooting installation and connectivity" in the ISA Server help or
http://go.microsoft.com/fwlink/?LinkId=37487.

After you install this software update, the following event is logged in the Application log on the ISA Server computer:

Event Source: Microsoft ISA Server Control
Event ID: 21239
Date: date
Time: time
Type: Warning
User: N/A
Computer: ServerName
Description: The Configuration agent has restored its connection to the Configuration Storage server
ConfigurationStorageServer.example.com.

Download information

The following file is available for download from the Microsoft Download Center:


Download the ISA2004EE-KB894609-X86-ENU.msp package now. (http://www.microsoft.com/downloads/details.aspx?FamilyId=1CBAC3E5-ACAC-4613-9860-E1B760B9434F&displaylang=en)

Release Date: April 8, 2005

For more information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base: Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Update installation information

You must install this update on the Configuration Storage server. To install this update, follow these steps:

1. Log on to the Configuration Storage server by using an account that has administrator rights.
   
   Important You must log on by using the same account that you used to run ISA Server Setup when you installed Configuration Storage server. If you install this update by using a different account, you receive the following error message:
   Setup cannot initialize ISA Server settings.
2. Download and then run the update package to install this update on the Configuration Storage server.

Note You can also use an administrative installation to integrate, or slipstream, this update into the ISA Server installation point before you install Configuration Storage server. For more information about how to perform an administrative installation, visit the following Microsoft Web site: For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base: