Microsoft KB Archive/326554

= PRB: Event 4097 Error Message When You Visit Your Commerce Server 2002 Site That Uses Windows Integrated Authentication =

Article ID: 326554

Article Last Modified on 9/22/2006

-

APPLIES TO


 * Microsoft Commerce Server 2002 Standard Edition

-



This article was previously published under Q326554



SYMPTOMS
When you unpack your new site, and then visit your site, you receive the following error message in Internet Explorer:



The page cannot be displayed

We apologize for the inconvenience. Please try again later. If the problem persists, please contact our webmaster.

In the Event Viewer, the following event appears in your application log:

Event Type: Error

Event Source: Commerce Server 2002

Event Category: None

Event ID: 4097

Date: 7/17/2002

Time: 2:02:19 PM

User: N/A

Computer: 

Description:



Error Type: ADODB.Connection

Page: //Default.asp

File: //include/global_siteconfig_lib.asp

Line:280

80040E4D

Operation is not allowed when the object is closed. Note: Set Application(&quot;MSCSEnv&quot;) = DEVELOPMENT to turn on client error messages.

Note: Please see error\500error.asp to further customize error messages.

For more information, see Help and Support Center at http://support.microsoft.com.

When you use an error lookup utility for 80040E4D, the utility notes that this HResult is an authentication failure. The utility report appears as follows:

Error Result : 0x80040E4D ( -2147217843 )

ID Defined as : DB_SEC_E_AUTH_FAILED

Error Type : OLE HRESULT Error

Facility : FACILITY_ITF 0x00000004 ( 4 )

Severity : SEVERITY_ERROR 0x00000001 ( 1 )

Code : 0x00000E4D ( 3661 )

Source Error file : Oledberr.h

Message Text : Authentication failed



CAUSE
When you unpack your site, the connection strings to your databases are automatically configured to use Windows Authentication. The Windows account through which you gain access to the site does not have the appropriate SQL Server access permissions.



RESOLUTION
You have to configure the appropriate Windows accounts to have SQL Server access permissions. For complete information about how to do this, see the following topics in the Commerce Server 2002 product documentation:
 * Securing Commerce Server Databases
 * Deploying Commerce Server Using Windows Authentication

These topics give you the steps that you must perform to install Commerce Server using Windows Integrated Security, and to secure your services and databases to use Windows Authentication. These topics are not specific to a particular deployment scenario.

To download the latest documentation, visit the following Microsoft Web site:

Download Commerce Server 2002 Documentation

You can also view the following white paper, which provides detailed instructions for how to deploy Commerce Server 2002 in a secure configuration:

Commerce Server Secure Deployment White Paper

http://www.microsoft.com/downloads/release.asp?ReleaseID=40672



STATUS
This behavior is by design.



MORE INFORMATION
After you unpack your Commerce Server 2002 site by using Windows Integrated authentication, you receive the following message:

Commerce Server Site Packager

The database connection strings for the following resources have been configured to use Windows Integrated authentication. Use SQL Server Enterprise Manager to configure access permissions on the appropriate Windows accounts that will access the applications(s) you have just unpacked. If you do not configure the required access permissions, users may experience access failures when using these applications. For complete information on configuring the appropriate Windows accounts with SQL Server access permissions see &quot;Securing Commerce Server Databases&quot; in Commerce Server online help.

Business Desk Permissions

Profiles

Campaigns

Direct Mail

Data Warehouse

Predictor

Product Catalog

Transaction Config

Transactions

Commerce Server 2002 generates this message to let you know that you have just unpacked your site by using Windows Integrated authentication and that you must manually configure access permissions on the accounts that will have access to the application or applications that you have unpacked.

It is strongly recommended that you use Windows Authentication for access to your databases. When you configure your database connection strings for Windows Authentication, you must assign the appropriate access to your databases for design-time users and for run-time users. A Business Desk user uses a design-time account. The visitors to your Web site use run-time user accounts (anonymous domain accounts).

NOTE: The topics mentioned in the &quot;Resolution&quot; section explain the permissions that the design-time users and the run-time users must have to gain access to the databases. If you do not do this, an &quot;out-of-the-box&quot; site produces the behavior that is described in the &quot;Symptoms&quot; section.

Additional query words: plutonium

Keywords: kbfix kbnofix kbprb kbpending KB326554

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.