locked
FF TMG Managed Control service cant be started on TMG RTM RRS feed

  • Question

  • I have recently installed TMG 2010 on Windows Server 2008 R2
    and i am receiving following error

    Exchange 2010 Edge is also installed on same machine
    ---
    Windows Could not Start the "Microsoft ForeFront TMG Managed Control" service on Local Computer
    Error 0x80070057 : Parameter is incorrect
    ---
    Event Viewer Data
    1.
    - System
       
    - Provider
          [ Name ] Microsoft Forefront TMG Control
       
    - EventID 31309
          [ Qualifiers ] 49152
       
      Level 2
       
      Task 0
       
      Keywords 0x80000000000000
       
    - TimeCreated
          [ SystemTime ] 2010-01-27T11:42:30.000000000Z
       
      EventRecordID 137575
       
      Channel Application
       
      Computer TMG.esl.local
       
      Security
      EventData
    2.

    - System
       
    - Provider
          [ Name ] Microsoft Forefront TMG Control
       
    - EventID 31308
          [ Qualifiers ] 49152
       
      Level 2
       
      Task 0
       
      Keywords 0x80000000000000
       
    - TimeCreated
          [ SystemTime ] 2010-01-27T11:42:30.000000000Z
       
      EventRecordID 137576
       
      Channel Application
       
      Computer TMG.esl.local
       
      Security
    - EventData
          Value does not fall within the expected range.
    3.

    - System
       
    - Provider
          [ Name ] IsaManagedCtrl
       
    - EventID 0
          [ Qualifiers ] 0
       
      Level 2
       
      Task 0
       
      Keywords 0x80000000000000
       
    - TimeCreated
          [ SystemTime ] 2010-01-27T11:42:30.000000000Z
       
      EventRecordID 137580
       
      Channel Application
       
      Computer TMG.esl.local
       
      Security
    - EventData
          Service cannot be started. The handle is invalid

    Normal View
    1.Eventid 31309
    E-mail policy configuration settings cannot be applied.
    2.Eventid 31308
    The Forefront TMG Managed Control service failed to initialize. Error information: Value does not fall within the expected range.
    3. Event ID 0
    Service cannot be started. The handle is invalid.
    Wednesday, January 27, 2010 11:47 AM

Answers

  • Hi,

     

    Thank you for the post.

     

    I would like to suggest that you contact Microsoft Product Support Services via telephone so that a dedicated Support Professional can assist with this request.

     

    To obtain the phone numbers for specific technology request please take a look at the web site listed below.

     

    http://support.microsoft.com/default.aspx?scid=fh;EN-US;PHONENUMBERS

     

    If you are outside the US please see http://support.microsoft.com for regional support phone numbers.

     

    Thank you for your patience and understanding.

     

    Regards,


    Nick Gu - MSFT
    Tuesday, February 2, 2010 6:46 AM
    Moderator

All replies

  • Interesting - I'm having exactly the same problem and it started 40min ago.

    The Firewall service kept stopping too - which is somewhat problematic - although the server now appears to have stabilised even though the control service won't start. 

    Wednesday, January 27, 2010 12:40 PM
  • Abdul - are you getting lots 16022 events in the application event log regarding configuration updates for the Exchange transport service?

    Log Entry:
    Event ID: 16022
    Source: MSExchange Transport
    Information: A configuration update for Microsoft.Exchange.Transport.TransportServerConfiguration has successfully completed.


    Wednesday, January 27, 2010 1:43 PM
  • Ok - just solved the problem on my server.  

    The Exchange IP block had 100+ ip's listed - including some important clients.  I cleared the list and the TMG Managed Control service started.
    Wednesday, January 27, 2010 2:52 PM
  • Yeah event log has lots of these events but i think thats not what is creating problem is it ?
    and how?
    and what is the resolution  
    Friday, January 29, 2010 12:44 PM
  • i don't have that much ip allow list entries. say no more than ten and i cant clear them under any circumstances. problem has to be resolved with them present in allow list
    Friday, January 29, 2010 12:45 PM
  • How did you enter the entries in the ip allow list - was it through the TMG console or through the Exchange Console/Powershell?

    Friday, January 29, 2010 7:49 PM
  • TMG Console
    Saturday, January 30, 2010 6:48 PM
  • Hi,

     

    Thank you for the post.

     

    I would like to suggest that you contact Microsoft Product Support Services via telephone so that a dedicated Support Professional can assist with this request.

     

    To obtain the phone numbers for specific technology request please take a look at the web site listed below.

     

    http://support.microsoft.com/default.aspx?scid=fh;EN-US;PHONENUMBERS

     

    If you are outside the US please see http://support.microsoft.com for regional support phone numbers.

     

    Thank you for your patience and understanding.

     

    Regards,


    Nick Gu - MSFT
    Tuesday, February 2, 2010 6:46 AM
    Moderator
  • Like others here, I got the exact same problem. For me it started today after installing exchange 2010 RU2. So is this something introduced by RU2 or is it somthing with my config that was flawed before the RU2 update?

    Henning

    Tuesday, April 6, 2010 8:10 PM
  • I had the same problem. I had to go to the office on a sunday. After a while this resolved my issue:

    In EMS : Get-IPBlockListEntry | Remove-IPBlockListEntry

    After that the service "Microsoft ForeFront TMG Managed Control" started without any problems

    Hoped this will help you as it did for me

    Robert Wouters

    Sunday, April 11, 2010 4:29 PM
  • Worked a charm. Thanks.

    Anyone know how these ip's get in the block list?

    Wednesday, May 5, 2010 2:18 AM
  • I still got this problem even after installing Sp1 and Software Update 1.

    Basicly, if I have ANY ip listed in my blocklist, I cannot apply any configuration changed to TMG.
    From what I can tell the Managed Control service in TMg will fail crash and I need to reboot the server.

    Anyone got any news on this problem?

    //Per


    PB
    Thursday, November 4, 2010 9:39 AM
  • I have same issue. Any update from Microsoft?
    Sunday, November 14, 2010 4:54 PM
  • Weird.. Got the same issue also after installing SP1 and SU1. Done the "Get-IPBlockListEntry | Remove-IPBlockListEntry" doohickey trick and worked like a charm. Don't know exactly why though, and what the exact consequences are going to be. Don't actually have anything in the IP Block lists. I had to disable these manually after installing SP1 and SU1 because some of my customers were complaining there was no email coming in on our side. And indeed, our server was happily blocking legitimate and correctly configured exchange servers. grumbl. Obviously had a couple of angry coworkers and bosses at my desk so I had to implement the easiest way of enabling email which was disabling IP block lists from the GUI. This though solved my problem!

    So eh Robert Wouters: Thanks a bunch, you are my hero of the day!

    Wednesday, November 17, 2010 2:56 PM
  • any news on this issue?
    Friday, December 10, 2010 10:39 AM
  • I have talked with Microsoft PSS today - see the result here: http://it-proknowledge.blogspot.com/2010/12/troubleshooting-error-0x8007057-in-tmg.html

    (it's a known bug - which will be fixed in SP2, but there is a workaround)

    Regards,

    Joachim

    Tuesday, December 14, 2010 10:22 PM
  • Thank you Joachim, for sharing this with us. I have the same problem. I already switched off IP-Bloklist and I have now also switched off Sender Reputation. TMG server running all the patches: TMG SP1, RU1, Exchange 2010 SP1 en RU2.

    It is my opinion, that the running Exchange Edge 2010 and Forefront for Exchange 2010 on the TMG2010 server is still in Beta test. Reader if you have the option of putting the Edge role not on the TMG server, please do that, it saves you lots off lost hours and money!

    Please Microsoft, tell us that this combination is not doable, or let your seperate development teams work together to solve all of these problems.

    Regards, Danny

    Wednesday, December 15, 2010 10:14 AM
  • We had a similar experience after adding an IP address to the “IP Allow List” via the Exchange Management Console, and this on a Forefront TMG 2010 server with the Exchange Edge Transport role installed.

    The following errors started to appear in event viewer: 

    System log:
    event 7023: The Microsoft Forefront TMG Managed Control service terminated with the following error: %%-2147024809

    Application log:
    IsaManagedCtrl: Service cannot be started. The handle is invalid
    event 31308: The Forefront TMG Managed Control service failed to initialize. Error information: Value does not fall within the expected range.

    The solution was to remove all IP addresses from the “IP Allow List” via the Anti-spam tab in the Exchange Management Console and then to restart the failed forefront services.  Next we added the allowed addresses via the Forefront TMG Management console (E-mail Policy - Spam Filtering tab - IP Allow List), and all issues were resolved.
    Seems like configuring the anti-spam settings via the Exchange Management Console is not a good idea on a Forefront TMG 2010 server.
    Regards,
    Peter


    Tuesday, March 22, 2011 10:52 AM