Microsoft KB Archive/293637

= Event ID 8 When Clients Try to Access IIS FTP Site =

Article ID: 293637

Article Last Modified on 11/21/2006

-

APPLIES TO


 * Microsoft Internet Information Services 5.0
 * Microsoft Internet Information Server 4.0

-



This article was previously published under Q293637



We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 6.0 running on Microsoft Windows Server 2003. IIS 6.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:

http://www.microsoft.com/technet/security/prodtech/IIS.mspx



SYMPTOMS
When FTP clients try to access an Internet Information Server (IIS) FTP site, they may receive an error message, and Event ID 8 appears in the System Event Viewer Log:

Source MSFTPSVC Event ID 8: FTP Server could not create a client worker Thread for user at host xxx.xxx.xxx.xxx. The connection to this user is terminated the data is the error. (No error Code)

where xxx.xxx.xxx.xxx is the client's IP address.

To determine if this error relates to IP Security, use the Adsutil.vbs script when this event occurs to enumerate the metabase as follows:  On the Start menu, click Run, and then type cmd to open a command prompt. In IIS 5.0, type the following command to change directories:

cd inetpub\adminscipts

In IIS 4.0, type the following command to change directories:

cd winnt\system32\inetsrv\adminsamples

 To enumerate and generate the error, type the following command:

cscript adsutil.vbs enum msftpsvc//root

NOTE: The FTP site number is 1 for the Default FTP Site.

If you receive the following error message:

DataType: &quot;IPSec&quot; Not Yet Supported on property: IPSecurity

ErrNumber: 0 (0x0)

the problem is caused by incorrect settings in the metabase. Although these errors seem to be occurring, the Internet Services Manager shows that IP restrictions are currently being used.



CAUSE
This problem can occur when the metabase flag for IP Security is not correctly removed from the metabase after changes are made to the IP Restrictions. Although the settings are changed so that everyone has access to the FTP site, the setting in the metabase is still flagged.



RESOLUTION
If the problem recurs after you give all clients access to the FTP site, follow these steps:  In IIS 5.0, at the command prompt, type the following command:

cd inetpub\adminscipts

In IIS 4, at a command prompt, type the following command:

cd winnt\system32\inetsrv\adminsamples

</li> At a command prompt, type the following command:

cscript adsutil.vbs delete msftpsvc/<FTP site number>/root/ipsecurity

You should receive the following message:

<pre class="fixed_text">deleted property &quot;ipsecurity&quot;

</li> At a command prompt, type the following command to stop the FTP services:

net stop iisadmin /y

</li> At a command prompt, type the following command to start the FTP services:

net start msftpsvc

</li></ol>

Additional query words: iis 5

Keywords: kbprb kbpending KB293637

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.