AntiVirus Blocking Woes for Infrastructure Changes

I’m not sure if I’m the only one out there that doesn’t know this, especially since I’m an app dev guy and not an infrastructure guy (though you may not be able to tell by my posts so far), but AntiVirus engines can really ruin your day when you’re attempting to troubleshoot things, or install enterprise software.

Recently, I installed Microsoft Exchange 2007 and had all kinds of trouble.  Needless to say, the antivirus client that was running on the domain controller was preventing remote updates to the sysvol folder.  Now you’d figure that I could manually correct the issues after disabling the blocking rule on the DC, but no… I had to uninstall Exchange and reinstall it.  By the way, when you uninstall Exchange while planning to reinstall it, make sure that it cleans up Active Directory properly or the installer will never get started.

To add insult to injury, I couldn’t figure out why my Exchange install could receive emails, but was failing to send them out.  Again, it turns out that the AntiVirus client was blocking all outbound port 25 traffic.  Again, after adjusting the policy of the AV client, yes… success.

Within the next 24 hours I began troubleshooting why my SharePoint boxes could not send out SMTP mail via the Exchange server.  I had already created a new receive connector and configured it properly.  After a short time of chasing my tail, I remembered that all of these servers were built from the same sysprep image.  All running the same AV client, and yes, the port blocking rule was still engaged on the SharePoint box.

Just as a reminder to anyone that reads this, and myself especially… Make sure to check all traffic failures first with your various AntiVirus engines.  They are very thorough and a thoroughly locked down server is going to likely need some reconfiguring prior to retasking or deployment.
