Microsoft KB Archive/300933

= An Access Violation Occurs When More Than One LDAP Bind Request Goes to the Windows 2000 Server =

Article ID: 300933

Article Last Modified on 2/28/2007

-

APPLIES TO


 * Microsoft Windows 2000 Service Pack 1
 * Microsoft Windows 2000 Service Pack 2
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Service Pack 1
 * Microsoft Windows 2000 Service Pack 2

-



This article was previously published under Q300933



SYMPTOMS
When a Lightweight Directory Access Protocol (LDAP) sends a bind request that causes a connection to transition from an unencrypted state to an encrypted state at the same time that the server is reading a subsequent request, the following access violation occurs:

1:NTSD: access violation

1:NTSD: !!! second chance !!!

1:eax=0a7e5a6c ebx=0a918ab0 ecx=00000000 edx=13ca5ba0 esi=0a94b0b0 edi=00000000

1:eip=757a9e1f esp=10e5f8e0 ebp=10e5f930 iopl=0 nv up ei pl zr na po nc

1:cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

1:NTDSA!CBerEncode__EncodeLdapResult+50:

1:757a9e1f 8a4801 mov cl,[eax+0x1] ds:0023:0a7e5a6d=??

1:0:039> kb

1:ChildEBP RetAddr Args to Child

1:10e5f904 756f1caf 13ca0650 00000040 00000000 NTDSA!CBerEncode__EncodeLdapResult+0x50

1:10e5f924 756f5ba3 00000000 10e5fe20 757a857a NTDSA!_InitTHSTATE_+0x19

1:10e5f930 757a857a 0a918ab0 0a94b0b0 00000000 NTDSA!DBGetMultipleAtts+0x10

1:10e5fe20 756f576d 0a918ab0 10e5ff00 77e76659 NTDSA!LdapEnumConnections+0x1b1

1:10e5fef4 756f55f3 12017378 00000000 0000000b NTDSA!GetEntInf+0x2f1

1:10e5ff30 755716d0 0a94b0b0 0000000b 00000000 NTDSA!GetEntInf+0xf0

1:10e5ff80 75571159 120173cc 0000000b 1201737c NTDSATQ!AtqpProcessContext+0xcc

1:10e5ffb4 77e7758a 00000000 00149658 00070000 NTDSATQ!AtqPoolThread+0xa9

1:10e5ffec 00000000 7557451e 00000000 00000000 KERNEL32!MapViewOfFileEx+0x5d 1:0:039>



CAUSE
This behavior can occur if the first LDAP bind request is not completed before a second bind request is sent. The server starts processing the first bind and then attempts to decode the second request before it finishes processing the first request. The server cannot decode the second request because the server has not yet received enough data. While the server is waiting to receive more data from the second request, the first request is completed and encryption is turned on again. An access violation then occurs.



RESOLUTION
To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack

The English version of this fix should have the following file attributes or later:

  Date         Time   Version        Size     File name     Platform -  21-Jun-2001  03:23  5.0.2195.3737  355,088  Advapi32.dll 21-Jun-2001 03:23  5.0.2195.3738  142,608  Kdcsvc.dll 13-Jun-2001 20:43  5.0.2195.3738  209,008  Kerberos.dll 29-May-2001 12:26  5.0.2195.3739   69,456  Ksecdd.sys 13-Jun-2001 20:32  5.0.2195.3738  501,520  Lsasrv.dll    128-bit 13-Jun-2001 20:32  5.0.2195.3738  501,520  Lsasrv.dll     56-bit 13-Jun-2001 08:32  5.0.2195.3738   33,552  Lsass.exe 21-Jun-2001 03:23  5.0.2195.3758  909,072  Ntdsa.dll 21-Jun-2001 03:23  5.0.2195.3762  382,224  Samsrv.dll 29-May-2001 12:53  5.0.2195.3649  128,784  Scecli.dll 30-May-2001 05:19  5.0.2195.3649  299,792  Scesrv.dll



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows 2000 Service Pack 3.



MORE INFORMATION
For additional information about how to install Windows 2000 and Windows 2000 hotfixes at the same time, click the article number below to view the article in the Microsoft Knowledge Base:

249149 Installing Microsoft Windows 2000 and Windows 2000 Hotfixes

Additional query words: kbDirServices

Keywords: kbbug kbfix kbwin2000presp3fix kbqfe kbwin2000sp3fix kbdirservices kbhotfixserver KB300933

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.