Microsoft KB Archive/330560

= PRB: SQL Logon Errors When You Try to Install BizTalk Server =

PSS ID Number: 330560

Article Last Modified on 5/23/2003

-

The information in this article applies to:


 * Microsoft BizTalk Server 2000
 * Microsoft BizTalk Server 2002

-



This article was previously published under Q330560



SYMPTOMS
When you try to install BizTalk Server on a computer running Microsoft Windows 2000 Server, and the server is running Terminal Services in Application Mode, the installation may fail, and you may receive error messages that state that you cannot log on to SQL Server.



CAUSE
If Terminal Services is running in Application Mode on the server on which you are installing BizTalk, some of the trusted connections to the computer running SQL Server, which you must have during installation, are made in the context of the local system account. These connections should be made in the context of the logged on user who is performing the installation. The local system account does not have the required access permissions for SQL Server.



WORKAROUND
To resolve this problem, do one of the following:
 * Temporarily grant SQL Server access and rights to the Local System account for the computer. This account name takes the form \ $. Remove this SQL Server logon when installation is complete.

In specific domain configurations, the connection is tried as NT AUTHORITY\ANONYMOUS LOGON instead of \ $. If this is the case, you must temporarily grant permissions to NT AUTHORITY\ANONYMOUS LOGON instead.

NOTE: This workaround may create a security hole. Only use this method if the risk of temporarily giving these accounts permissions for the SQL Server computer is acceptable. -or-


 * Temporarily remove Terminal Services, install BizTalk Server, and then reinstall Terminal Services.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.



MORE INFORMATION
When Windows Installer runs on a server running Terminal Services in Application Mode, certain actions are automatically elevated to run in the local system context instead of in the context of the logged on user. Therefore, any integrated security connections that you try to make under these conditions, such as those to a remote computer running SQL Server, do not run in the context of the user who is performing the installation.

