Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. A Windows Server 2003-based domain controller may incorrectly return the "NO_SUCH_USER (0xc0000064)" status code in response to logon requests when the domain controller is shutting down or restarting

A Windows Server 2003-based domain controller may incorrectly return the "NO_SUCH_USER (0xc0000064)" status code in response to logon requests when the domain controller is shutting down or restarting

View products that this article applies to.

Symptoms

Windows Server 2003-based domain controllers may incorrectly return the "NO_SUCH_USER (0xc0000064)" status code in response to logon requests after the "STATUS_INVALID_SERVER_STATE (0xc00000dc)" status code or the "STATUS_NO_MEMORY (0xc0000017)" status code is returned. This behavior occurs when the authenticating domain controller is shutting down or restarting.

The status code may be returned to one of the following computers:
  • The domain member computer that originated the logon request
  • An application server
  • A domain controller that forwarded the logon request to the authenticating domain controller by using pass-through authentication
The incorrect status code may cause the application that originated the logon request to fail or to time out.

Note This issue may occur even if you have applied the hotfix 942636.
942636 Windows Server 2003-based domain controllers may incorrectly return the "NO_SUCH_USER (0xc0000064)" status code in response to logon requests

↑ Back to the top

Cause

This problem occurs because the Net Logon service manages the returned status incorrectly.

↑ Back to the top

Resolution

To resolve this problem, you must apply this hotfix on the Windows Server 2003-based domain controllers.�After you apply this hotfix, the domain controllers return the �STATUS_NO_MEMORY (0xc0000017)� status code during the shutdown process. When the client receives this status code, the client tries to contact another domain controller.

NOTE: Windows Server 2003-based domain members must have�the client side hotfix 942636 applied, see KB 942636�Windows Server 2003-based domain controllers may incorrectly return the "NO_SUCH_USER (0xc0000064)" status code in response to logon requests.

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing the problem described in this article. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Prerequisites

To apply this hotfix, the computer must be running Windows Server 2003 Service Pack 2 (SP2).

Restart requirement

You must restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace any other hotfix.

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
For all supported x86-based versions of Windows Server 2003 SP2
File nameFile versionFile sizeDateTimePlatformSP requirement
Ksecdd.sys5.2.3790.4616135,16806-Nov-200911:04x86SP2
Msv1_0.dll5.2.3790.4616146,94411-Nov-200910:08x86SP2
Schannel.dll5.2.3790.4530151,04016-Jun-200907:21x86SP2
For all supported x64-based versions of Windows Server 2003 SP2
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Ksecdd.sys5.2.3790.4616190,97612-Nov-200900:25x64SP2Not Applicable
Msv1_0.dll5.2.3790.4616265,21612-Nov-200900:25x64SP2Not Applicable
Schannel.dll5.2.3790.4530259,07212-Nov-200900:26x64SP2Not Applicable
Wmsv1_0.dll5.2.3790.4616146,94412-Nov-200900:26x86SP2WOW
Wschannel.dll5.2.3790.4530151,04012-Nov-200900:26x86SP2WOW
For all supported Itanium-based versions of Windows Server 2003 SP2
File nameFile versionFile sizeDateTimePlatformSP requirementService branch
Ksecdd.sys5.2.3790.4616322,04812-Nov-200900:20IA-64SP2Not Applicable
Msv1_0.dll5.2.3790.4616396,80012-Nov-200900:20IA-64SP2Not Applicable
Schannel.dll5.2.3790.4530474,62412-Nov-200900:20IA-64SP2Not Applicable
Wmsv1_0.dll5.2.3790.4616146,94412-Nov-200900:21x86SP2WOW
Wschannel.dll5.2.3790.4530151,04012-Nov-200900:21x86SP2WOW

↑ Back to the top

Workaround

To work around this problem, manually stop the Net Logon service before you shut down the domain controller.

↑ Back to the top

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

↑ Back to the top

More information

How this problem affects applications

When the "NO_SUCH_USER" status code is received, domain member computers and domain controllers do not establish a new security channel to another domain controller that is running correctly. Therefore, the logon requests that are sent by users or by applications may time out. The application that originated the logon requests may time out or may fail unless the application has failover logic or retry logic.

You may have enabled authentication in Microsoft Internet Security and Acceleration (ISA) Server to filter network traffic. Or, you may have enabled authentication in Internet Information Services to authenticate access to a Web site. When a domain controller is shutting down, users may be denied access to the proxy server or to the Web site.

Additionally, this problem prevents Microsoft BizTalk Server from working correctly. The BizTalk services stop unexpectedly every time that a domain controller is restarted. You have to manually restart the BizTalk services.

In this scenario, the following errors are logged in the Application log on the server that hosts BizTalk Server:

Event ID 6913

Event Type: Error
Event Source: BizTalk Server 2006
Event Category: BizTalk Server 2006
Event ID: 6913
User: N/A
Computer: <Computer name>
Description: An attempt to connect to <SQL server name> SQL Server database on server <Server name> failed with error: "Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.".
Event ID 5410

Event Type: Error
Event Source: BizTalk Server 2006
Event ID: 5410
User: N/A
Computer: <Computer name>
Description: An error occurred that requires the BizTalk service to terminate. The most common causes are the following:
1) An unexpected out of memory error. OR
2) An inability to connect or a loss of connectivity to one of the BizTalk databases. The service will shutdown and auto-restart in 1 minute. If the problematic database remains unavailable, this cycle will repeat.

Error message: Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
Error source: BizTalk
host name: <Server name>
Windows service name: <Service name>
To work around this scenario, you can use a script in Service Control Manager to start the BizTalk services if the services are stopped.

Debugging information

If you have enabled logging for the Net Logon service, the status code for the logon request is logged in the following file:
%systemroot%\Debug\Netlogon.log
The 0xC0000064 error code may be logged in the Netlogon.log file on the following computers:
  • The computer that originated the logon request
  • The domain controller that responded to the logon request
  • An application server or domain controller that forwards the request to the authenticating domain controller
Note The "NO_SUCH_USER (0xC0000064)" status code is a valid return code if the user account to be authenticated does not exist. This situation may occur if one of the following conditions is true:
  • The user account has not replicated to the authenticating domain.
  • The user account was deleted from the Active Directory directory service.
  • The user account in the authentication request is formatted incorrectly by the user or by the application.
When a domain controller responds to a logon request that is received by using pass-through authentication, the Netlogon.log file on the domain controller logs information that resembles the following: 
MM/DD HH:MM:SS [LOGON] CORP-DOMAIN: SamLogon: Transitive Network logon of <Domain name> \<User account> from CALLER (via <DC or member server>) Entered 
MM/DD HH:MM:SS [LOGON] CORP-DOMAIN: SamLogon: Transitive Network logon of <Domain name> \<User account> from CALLER (via <DC or member server>) Returns 0xC0000064
When the authenticating domain controller responds to a logon request that is received directly from a domain member computer in the same domain, the Netlogon.log file on the domain controller logs information that resembles the following: 
MM/DD HH:MM:SS [LOGON] Samlogon: Network logon of <Domain name>\<User account> from CALLER Entered 
MM/DD HH:MM:SS [CRITICAL] NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonEx: 1761 (may be legitimate for 0xc0000064) 
MM/DD HH:MM:SS [LOGON] Samlogon: Network logon of <Domain name>\<User account> from CALLER Returns 0xC0000064
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
109626 Enabling debug logging for the Net Logon service
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

↑ Back to the top

Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use for other considerations.

↑ Back to the top

Keywords: kbautohotfix, kbexpertiseadvanced, kbfix, kbsurveynew, kbqfe, kbHotfixServer, KB973667

↑ Back to the top

Article Info
Article ID : 973667
Revision : 6
Created on : 8/30/2010
Published on : 8/30/2010
Exists online : False
Views : 429