Microsoft KB Archive/836533

= You receive a &quot;The security context is invalid&quot; error message when you call or create an out-of-process component =

Article ID: 836533

Article Last Modified on 12/3/2007

-

APPLIES TO


 * Microsoft Internet Information Services 6.0

-





SYMPTOMS
If a Web site program has been configured for Delegation security in the Component Services management tool, and the Web site is configured for Basic authentication, you may receive the following error message when you try to call or to create an out-of-process component that is on the same computer as Microsoft Internet Information Services (IIS):

0x800706d5, &quot;The security context is invalid.&quot;



CAUSE
This problem may occur when the user token that is generated from Basic authentication has the SecurityImpersonation impersonation level instead of the SecurityDelegation impersonation level.



Hotfix Information
A supported hotfix is now available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next service pack that contains this hotfix.

To resolve this problem, submit a request to Microsoft Online Customer Services to obtain the hotfix. To submit an online request to obtain the hotfix, visit the following Microsoft Web site:

http://go.microsoft.com/?linkid=6294451

Note If additional issues occur or any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. To create a separate service request, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

Prerequisites
No prerequisites are required.

Restart Requirement
You must stop and then restart Internet Information Services after you apply this hotfix.

Hotfix Replacement Information
This hotfix does not replace any other hotfixes.

File Information
The English version of this hotfix has the file attributes (or later) that are listed in the following table. The dates and times for these files are listed in coordinated universal time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.   Date         Time   Version       Size     File name          Platform --  26-Feb-2004  19:48  6.0.3790.134  339,968  W3core.dll         X86 26-Feb-2004 19:48  6.0.3790.134  945,664  W3core.dll         IA64 19-Jan-2004 22:54                    271  Branches.inf 26-Feb-2004 19:55                  9,766  Kb836533.cat 26-Feb-2004 19:49                    354  Updatebr.inf 26-Feb-2004 19:50                  6,262  Update_rtmqfe.inf Note This hotfix corrects this problem by using the DuplicateTokenEx function to change the token's impersonation level to SecurityDelegation.



WORKAROUND
To work around this problem, use Integrated security. Integrated security uses Kerberos.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section.

