Microsoft KB Archive/296939

= PRB: Access or Replication Failures May Occur with Errors 8015 and 5027 =

Article ID: 296939

Article Last Modified on 9/4/2001

-

APPLIES TO


 * Microsoft Application Center 2000 Standard Edition

-



This article was previously published under Q296939



SYMPTOMS
You may see event query access failures or replication failures that result in Windows event log entries like the following:

__CLASS: MicrosoftAC_Replication_Session_Connection_ConFailed_Event

__SERVER:  

ServerGUID: 

EventId: 5027

GUID: {219A6CCC-1C21-4C0C-888D-57260E74CDEF}

RemoteServer:  

ReplicationID: 

ReplicationJobID: 

Status: 0x80070569

StatusMessage: Logon failure: the user has not been granted the requested logon type at this computer.

TimeGenerated:  

Type: 1

DisplayName: Replication Session Connection ConFailed

-or-

__CLASS: MicrosoftAC_Monitoring_Logging_QueryFailed_Event

__SERVER:  

ServerGUID: 

ConnString:  

EventId: 8015

GUID: 

OLEDBError: Source: Microsoft OLE DB Provider for SQL Server Description: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. SQLSTATE: 42000 hr: 0x80040e4d

Query: SELECT TOP 40 * FROM EventView WHERE Log = 'Application Center' AND Severity <= 2 AND (Category = N'Replication' AND Data LIKE N'%ReplicationID=%cluster name%;%') ORDER BY TimeGenerated DESC, ID DESC

Status: 0x80040e4d

StatusMessage:

TimeGenerated:  

Type: 1

DisplayName: Monitoring Logging QueryFailed



CAUSE
The Application Center 2000 account ACC_ClusterController needs local log on rights and ACL_Clustermember needs batch log on rights for distributed event log queries and DCOM access to replication objects. If these accounts are not present in the appropriate sections under the local security policy, you may experience these types of errors.



RESOLUTION
Fix domain group policy objects or local policy settings to allow interactive log on for Application Center 2000 local accounts.

Use the following steps to check and change log on as a batch job and log on local privileges:
 * 1) Under Administrative Tools, open the Local Security Policy.
 * 2) Click Local Policies, and then double-click User Rights Assignment.
 * 3) Double-click Log on as a batch job and verify that ACL_  is selected in both columns.
 * 4) If ACL_  doesn't appear, click Add, and then add it to the list. Click OK.
 * 5) Under User Rights Assignment, double-click Log on locally and verify that ACC_  is selected in both columns.
 * 6) If ACC_  name does not appear, click Add, and then add it to the list. Click OK.
 * 7) If your server is a domain member, in the Local Security Settings Microsoft Management Console (MMC), right-click Security Settings, and then click Reload from the pop-up menu. Repeat steps 2 and 3 if ACL_  and ACC_  are not selected in the &quot;Effective Policy Setting&quot; columns under the appropriate sections. Work with your domain administrators to modify your domain policies to allow your local policy settings to take effect.



STATUS
This behavior is by design.

Keywords: kbprb KB296939

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.