In addition to the subject behavior, when you start the IPSEC Services component on the domain controller, you receive:

The system cannot find the file specified.

The System Event log may contain:

Event Type: Error                              Event Source: IPSEC                              Event Category: None                              Event ID: 4292                              Date: MM/DD/YYYY                              Time: HH:MM:SS                              User: N/A                              Computer: <COMPUTER NAME>                              Description: The IPSec driver has entered Block mode. IPSec will discard all inbound and outbound                                           TCP/IP network traffic that is not permitted by boot-time IPSec Policy exemptions.                               Event Type: Error                              Event Source: Service Control Manager                              Event Category: None                              Event ID: 7023                              Date: MM/DD/YYYY                              Time: HH:MM:SS                              User: N/A                              Computer: <COMPUTER NAME>                              Description: The IPSEC Services service terminated with the following error: The system cannot find the file specified
This behavior is symptomatic of a corrupted file in the policy store, possibly caused by a power outage or other invalid shutdown.

To resolve this issue:

1. Open a CMD.EXE window on the Windows Server 2003 SP1 domain controller.

2. Type the following commands and press Enter after each line:

REG DELETE HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /F
REG ADD HKLM\SYSTEM\CurrentControlSet\Services\IPSec /V Start /T REG_DWORD /F /D 2
regsvr32 /s polstore.dll

3. Shutdown and restart the Windows Server 2003 SP1 domain controller.