Article ID: 238238
Article Last Modified on 3/14/2006
APPLIES TO
- Microsoft SQL Server 7.0 Standard Edition
This article was previously published under Q238238
BUG #: 56167 (SQLBUG_70)
SYMPTOMS
SQL Server and ODS developed applications commonly use the ODS API srv_impersonate_client during login processing to test authentication credentials. The credentials are checked and the ODS API call srv_revert_to_self is invoked to revert the worker thread security context.
When the client connects over the multi-protocol network library, the srv_revert_to_self API returns FALSE and does not properly revert the worker thread security context. SQL Server does not log this failure in the errorlog.
CAUSE
The srv_revert_to_self function uses RpcRevertToSelf instead of RpcRevertToSelfEx.
WORKAROUND
Open Data Services(ODS) supports multiple network protocols. Using protocols such as Named Pipes or TCP/IP properly revert the worker thread context.
STATUS
Microsoft has confirmed this to be a problem in SQL Server 7.0. This problem has been corrected in U.S. Service Pack 2 for Microsoft SQL Server 7.0. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
254561 INF: How to Obtain Service Pack 2 for Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0
For more information, contact your primary support provider.
MORE INFORMATION
Since the revert does not take place properly, subsequent operations performed by the worker thread requiring a security check can fail. When the worker thread remains impersonated the security operation is a delegation attempt and not currently supported on Windows NT 4.0.
Examples of external actions would be BULK INSERT and linked server executions. You may see the following error from the BULK INSERT command:
Keywords: kbbug kbfix KB238238