Microsoft KB Archive/253540

= Encryption Pack Installation May Not Work If User GUID Is Too Long =

Article ID: 253540

Article Last Modified on 10/30/2006

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Professional Edition

-



This article was previously published under Q253540



SYMPTOMS
After you install the Windows 2000 High Encryption Pack and it appears to succeed, any program that relies on 128-bit security (such as Microsoft Internet Explorer) may still report 56-bit security in use rather than 128-bit after you reboot the computer.



CAUSE
This problem occurs when the administrative account being used to install the encryption pack has a Globally Unique Identifier (GUID) that is longer than 1,024 bytes. The encryption pack Setup program only allocates a 1,024-byte buffer for this value when it is attempting to verify whether or not the user has permissions to run Setup. If the GUID is too long, validation does not succeed and the encryption pack Setup is not run.

With most local administrative accounts, this is not a problem. It currently has only occurred with domain administrator accounts that have been migrated from a Microsoft Windows NT 4.0 domain to a Windows 2000 domain. In this case, the GUID may sometimes be too long.



RESOLUTION
To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows 2000 Service Pack 1.

Keywords: kbhotfixserver kbqfe kbbug kbfix kbqfe kbwin2000sp1fix KB253540

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.