Microsoft KB Archive/240108

= Backup Host Security Cache Deleted on Exit if Primary Is Unavailable =

Article ID: 240108

Article Last Modified on 11/10/2003


APPLIES TO


 * Microsoft SNA Server 4.0 Service Pack 2
 * Microsoft SNA Server 4.0
 * Microsoft SNA Server 4.0 Service Pack 1




This article was previously published under Q240108



SYMPTOMS
When the SNA Server Host Account Cache service (SnaDatabase) is installed on a Windows NT Backup Domain Controller (BDC) in a backup role, the host account database is deleted when the service is stopped, if contact with the primary Host Account Cache service has been lost.

When the backup Host Account Cache service is restarted, it will automatically contact the primary cache and download a new copy of the host cache database. However, if the primary Host Account Cache is unreachable (or has been taken off the network), the backup Host Account Cache will fail to start and will no longer have a host cache database.



CAUSE
The backup Host Account Cache service was designed to delete the database file when ending, if contact with the primary cache is lost. Even though the database is already encrypted using 128-bit encryption, the backup cache service attempts to implement additional security to prevent the database file from being accessible when the backup computer is taken off the network.



RESOLUTION
To resolve this problem, obtain the latest service pack for SNA Server version 4.0. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

215838 How to Obtain the Latest SNA Server Version 4.0 Service Pack



WORKAROUND
If a backup Host Account Cache service is planned to be promoted to a primary role (for example, promoting the computer to a Windows NT Primary Domain Controller), the backup cache should be stopped while the primary cache is still on the network.



STATUS
Microsoft has confirmed that this is a problem in Microsoft SNA Server version 4.0, 4.0 SP1 and 4.0 SP2. This problem was first corrected in SNA Server version 4.0 Service Pack 3.



MORE INFORMATION
The following scenario illustrates the problem that can occur when you promote a backup cache to a primary role:

 1. Install a Windows NT PDC with SNA Server, Host Acct Cache (primary role), WinNT Account Synchronization, and SnaHostProc services.
 2. Install a Windows NT BDC with SNA Server, Host Acct Cache (backup role), WinNT Acct Sync (backup) and SnaHostProc.
 3. Configure a host security domain associated with the remote system, using two connections (one from each SNA Server computer).

NOTE: On the SNA Server computer that has the second connection added to the remote system host security domain, it's necessary to manually add the Domain registry key for the other host security domain and its associated values. For example, assuming the host security domain of "DILBERT":

 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SnaHostProcess\Parameters\Domains\DILBERT\
   LocalLU
   RemoteLU
   TPMode
   and so on...

 4. Start both connections and populate the Host Account Cache with entries using Host Account Manager.
 5. Test to make sure that the Host Account Cache lookup works from both SNA Server computers (for example, using the WIN5250 applet).
 6. Unplug the PDC (to simulate a network outage). Leave the PDC unplugged through the following sequence:

 a. On the BDC, the following errors are logged in the application log:

 Event ID: 0
 Source: SNA Host Security
 Type: Information
 Description: The description for Event ID ( 0 ) in Source ( SNA Host Security ) could not be found. It contains the following insertion string(s): 0x79.

 b. If you try to stop the SnaDatabase, the following error occurs:

 C:\> net stop snadatabase
 The SNA Host Account Cache service could not be stopped

 c. Two more Event IDs (Event ID: 0) are logged. If you try to stop it again, the following error occurs:

 The service could not be controlled in its present state

 d. Within another couple of minutes, another Event ID: 0 is logged, and the SnaDatabase service is no longer running (no event is logged to indicate that it stopped).
 e. When the SnaDatabase service has stopped, the Host Cache database is deleted (for example, no more hidden file: Hsroot\Hssystem\Dbase.dbs).

 If the SnaDatabase is restarted on the BDC (with PDC still down), the following two events are logged:

 Event 0: x79
 Event 1324: SNA Host Account Cache Started - Database synchronized

 f. A few seconds later, another Event 0: x79 is logged, and the SnaDatabase service quietly ends (no events are logged).

With this fix applied, the backup Host Account Cache database is no longer deleted, and the event logging is corrected.
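On an unpatched backup server, the event pattern from the scenario above can be searched for in exported application-log records. The following Python is an added example, not part of the original article or of SNA Server; the record layout, the timestamps, the 60-second window and the placeholder source for Event 1324 are assumptions.

```python
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"

# Constructed records: (timestamp, event id, source, description). The event IDs,
# the "SNA Host Security" source and the strings are the ones quoted in the article.
SAMPLE = [
    ("1999-09-01 10:00:00", 0, "SNA Host Security", "insertion string(s): 0x79"),
    ("1999-09-01 10:02:00", 0, "SNA Host Security", "insertion string(s): 0x79"),
    ("1999-09-01 10:03:00", 0, "SNA Host Security", "insertion string(s): 0x79"),
    ("1999-09-01 10:05:00", 0, "SNA Host Security", "insertion string(s): 0x79"),
    # Restart while the primary is still down. The article does not give the
    # source of Event 1324, so a placeholder is used here.
    ("1999-09-01 10:10:00", 0, "SNA Host Security", "insertion string(s): 0x79"),
    ("1999-09-01 10:10:01", 1324, "PLACEHOLDER",
     "SNA Host Account Cache Started - Database synchronized"),
    ("1999-09-01 10:10:06", 0, "SNA Host Security", "insertion string(s): 0x79"),
]


def is_x79_event(rec):
    """Event ID 0 from SNA Host Security carrying the 0x79 / x79 string."""
    _, event_id, source, text = rec
    return event_id == 0 and source == "SNA Host Security" and "x79" in text


def analyze(records, window=timedelta(seconds=60)):
    """Return (number of x79 events, timestamps of suspect 1324 starts).

    A 1324 start followed by an x79 event inside `window` matches the restart
    in the article, after which the service ends without logging a stop event.
    """
    recs = sorted(records, key=lambda r: datetime.strptime(r[0], FMT))
    x79 = [r for r in recs if is_x79_event(r)]
    suspect = []
    for start in (r for r in recs if r[1] == 1324):
        t0 = datetime.strptime(start[0], FMT)
        if any(timedelta(0) <= datetime.strptime(r[0], FMT) - t0 <= window
               for r in x79):
            suspect.append(start[0])
    return len(x79), suspect


if __name__ == "__main__":
    count, starts = analyze(SAMPLE)
    print(f"{count} x79 events; starts followed by x79: {starts}")
```

A non-empty second value means the "Database synchronized" message should not be trusted on that host; check whether the service is still running and whether Dbase.dbs still exists.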

Keywords: kbbug kbfix kbsna400sp3fix kbqfe KB240108


© Microsoft Corporation. All rights reserved.