Consider the following scenario. You connect to an instance of Microsoft SQL Server 2005 or to an instance of Microsoft SQL Server 2000 from a Windows Vista-based computer. You use integrated authentication for the connection. In this scenario, a Warning event that resembles the following is logged in the System log:

Log Name: System
Source: LsaSrv
Date: Date
Event ID: 6036
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: Computer_Name
Description: The program Application_Name, with the assigned Process ID Process_ID, supplied a NULL or empty target name for the pszTargetName parameter when calling the InitializeSecurityContext API to initiate an outbound NTLM security context. This is a security risk when mutual authentication is required.

To help protect against a malicious attack, make your code more secure. To do this, change the program so that it specifies a target name in the pszTargetName parameter field, and then recompile the code.

This behavior may occur if one of the following conditions is true:

• You connect to the instance of SQL Server by using the SQL Server Native Client (SQL Native Client) provider.
• You connect to the instance of SQL Server by using Microsoft ADO.NET in an application.
• You connect to the instance of SQL Server by using Windows Data Access Components (Windows DAC) in an application.
  
  Note Windows DAC was formerly known as Microsoft Data Access Components (MDAC).

This event indicates that you used NTLM authentication. You can safely ignore this event. This event is not logged if you use Kerberos authentication.

This behavior is by design.

When you connect to an instance of SQL Server by using integrated authentication, you can use Kerberos authentication if the connection is made by using the TCP/IP protocol. If the connection is made by using a different protocol, the authentication mode falls back to NTLM authentication.

For more information, click the following article number to view the article in the Microsoft Knowledge Base: