BitLocker Active Directory Recovery Password Viewer on Windows Server 2008 R2

by Miha Pihler 24. August 2009 06:51

When you try to install BitLocker Active Directory Recovery Password Viewer tool on Windows Server 2008 R2 you will receive an error saying »This update is not applicable to your computer«.

You can find BitLocker Password Recovery tool on Windows Server 2008 R2 under Features. You can install the tool by opening Server Manager and under »Add Features« look for »Remote Server Administration Tools« »Feature Administration Tools«. Here select »BitLocker Diver Encryption Administration Utilities« and follow the wizard.

Once install process completes you can open Active Directory Users and Computers and right click on domain level. You should now see »Find BitLocker Recovery Password…«

Note: If Active Directory Users and Computers MMC was running during the installation process, you will have to reopen the MMC console to see the new option.

Tags: ,

Troubleshooting 0xc0040014 FWX_E_FWE_SPOOFING_PACKET_DROPPED error

by Miha Pihler 19. August 2009 07:18

When you run into 0xc0040014 FWX_E_FWE_SPOOFING_PACKET_DROPPED error on ISA it means that IP traffic is being forwarded to the network interface that is not expecting traffic from that IP address range. If you are using only physical network cards this should be easy to troubleshoot because ISA will log the interface name that is receiving network packets.

If you are using Enterprise networks on ISA Server Enterprise Edition and you run into spoofing problem on one of enterprise networks ISA will list name enterprise network which may not be directly linked to physical address.

In our case we have two possible paths (routes) that packet could take to reach the ISA server.

To figure out which router was forwarding the packets to the wrong interface I started Wireshark and made a network capture. For clarity I filtered the traffic by IP addresses of remote site that we wire connecting.

In network capture we can see MAC address of the router that is forwarding the network packets to the wrong network card (network card that is not expecting those IP packets). We can now use arp -a command on server to find out which IP address the MAC address belongs to and with this we tracked down the router.

Now that we knew which device was forwarding the packets we were able to fix the routes to ISA server and solve the problem.

Tags: ,

Miha Pihler

Microsoft Certified Master | Exchange 2010 (MCM)
Microsoft MVP - Enterprise Security

Month List

Page List