Microsoft Knowledge Base Email Alertz
All KB/RSS Links  |  Hot Kb!  |  New Kb!  |  Scott Cate  |  FAQ / KB  |  Web Hosting  |  Unsubscribe  

If the SNA Server service (SNAservr.exe) is set to log on by using the local system account, Single Sign-On (SSO) requests that are sent to the Host Account Cache (HAC) service do not succeed. The following event will be logged in the application...

Search KbAlertz

Advanced Search

Receive Microsoft Knowledge Base articles by E-Mail?

Every night we scan the Microsoft Knowledge Base. If technologies you're interested in are updated, we'll send you an e-mail. You only get one e-mail a day, and only when new articles are added.
Click here to create a
FREE account
Already have an account?
[Click here to Login]











Microsoft Knowledge Base Article

This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks
Article ID: 318427 - Last Review: February 22, 2007 - Revision: 2.3

Host Account Cache Lookup Does Not Succeed if SNA Server Service Uses the System Account

View products that this article applies to.
This article was previously published under Q318427

SUMMARY

If the SNA Server service (SNAservr.exe) is set to log on by using the local system account, Single Sign-On (SSO) requests that are sent to the Host Account Cache (HAC) service do not succeed.

The following event will be logged in the application event log of the computer that is running the HAC service:
EventID : 401
Source : SNA Server
Description : Single Sign-On request for [Domain]\[Userid] failed - failed to communicate with the host account cache for host domain [Host Security Domain Name>]
To resolve this problem, make sure that the SNA Server service is set to log on as a domain account with administrative privileges.

NOTE: By default the SNA Server service will not use the local system account because the SNA Server and Host Integration Server 2000 installation programs will prompt for account information. Also, the account that you use for the SNA Server service does not have to be the same account that you use for the Host Security Integration components.

MORE INFORMATION

The following is an excerpt from a UDBINTX.ATF trace file taken on the system that is running the HAC service: 
snarpc.cpp(132)    SrvrRpcProcessRequestInternal SrvrRpcProcessRequestInternal begin
snarpc.cpp(160)    SrvrRpcProcessRequestInternal About to call ProcessRequest
udbmsg.cpp(125)    udb_process_request Received Message type UDI_GET_HOST_UIDPW
udbauxil.cpp(726)  GetRpcClientInfo RpcImpersonateClient succeeded
udbauxil.cpp(735)  GetRpcClientInfo OpenThreadToken succeeded
udbauxil.cpp(440)  MyGetTokenInfo Required Token Information buffer length is : 20
udbauxil.cpp(452)  MyGetTokenInfo GetTokenInformation succeeded
udbauxil.cpp(757)  GetRpcClientInfo Got Client Userid: SYSTEM, Domain: NT AUTHORITY
                                                       ^^^^^^
udbauxil.cpp(440)  MyGetTokenInfo Required Token Information buffer length is : 68
udbauxil.cpp(452)  MyGetTokenInfo GetTokenInformation succeeded
udbauxil.cpp(531)  GetDomainAdmSid NetGetAnyDCName failed, error 1355, try to locate PDC
udbauxil.cpp(536)  GetDomainAdmSid NetGetDCName failed, Error  2453
udbmsg.cpp(130)    udb_process_request Client Id: SYSTEM, Domain: NT AUTHORITY, Is Admins: 0
udbmsg.cpp(188)    udb_process_request Get host userid and password request received
udbmsg.cpp(1059)   udb_get_host_uidpw Get host password for NT user Administrator, NT domain HISDOM
udbmsg.cpp(1060)   udb_get_host_uidpw pwszHostDomain is HSTSEC
udbmsg.cpp(1061)   udb_get_host_uidpw bPasswordFormat is 2
udbmsg.cpp(1126)   udb_get_host_uidpw Client doesn't have proper privilege for this request
                                      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
udbmsg.cpp(1194)   udb_get_host_uidpw Get the NT User record with error: The request database access is denied
                                      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
snasti.cpp(1499)   RpcMsgAllocate Allocated memory block size 92 at address 0x1270000
snarpc.cpp(164)    SrvrRpcProcessRequestInternal ProcessRequest returned 0xA160053B
snarpc.cpp(227)    SrvrRpcProcessRequestInternal ProcessRequest returned an out message of length 92
snarpc.cpp(249)    SrvrRpcProcessRequestInternal SrvrRpcProcessRequestInternal end
APPLIES TO
  • Microsoft Host Integration Server 2000 Standard Edition
  • Microsoft SNA Server 4.0
  • Microsoft SNA Server 4.0 Service Pack 1
  • Microsoft SNA Server 4.0 Service Pack 2
  • Microsoft SNA Server 4.0 Service Pack 3
  • Microsoft SNA Server 4.0 Service Pack 4
Back to the top
Keywords: 
kbinfo KB318427
        

Community Feedback System

Very often, it takes hours to solve a problem. Very often, you've looked high and low, and have tried a lot of solutions. When you finally found it, chances are, it was because someone else helped you. Here's your chance to give back. Use our community feedback tool to let others know what worked for you and what didn't.

Please also understand that the community feedback system is not warranted to be correct, it's simply a system that we've built to let people try and help each other. If something in a feedback response doesn't make sense to you, or you're not comfortable making changes that the feedback talks about (like registry edits), please consult a professional.

Thank you for using kbAlertz.com Feedback System.

-- Scott Cate

Copyright © 2002-2007 KBALERTZ.COM.  All Rights Reserved. Terms / PrivacyDiscount ASP.NET Hosting