Microsoft KB Archive/259489

From BetaArchive Wiki
Knowledge Base


RPC Security Callback Has No Implicit Security Context

Article ID: 259489

Article Last Modified on 2/20/2007



APPLIES TO

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Professional Edition



This article was previously published under Q259489

SYMPTOMS

Calls to RpcImpersonateClient, RpcBindingInqAuthClient, or any function that expects an implicit security context may not succeed and may generate one of the following error messages:

RPC_S_NO_CALL_ACTIVE

ERROR_ACCESS_DENIED

This behavior can occur if the following conditions exist:

  • RpcServerRegisterIfEx is used to register an interface with the Remote Procedure Call (RPC) run time and a security callback is specified.
  • A connection-oriented protocol sequence is used (ncacn_*).


CAUSE

Because of a problem in RPC in Windows 2000, no implicit security context is set in the callback functionality.

RESOLUTION

There are two known workarounds to this problem:

  • Use the context that is passed to the security callback function explicitly in calls to functions that require an implicit security context.
  • Use ncalrpc or a non-connection-oriented protocol sequence (ncadg_*). Note that ncalrpc works only locally.


STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article.

Keywords: kbnetwork kbpending kbprb kbrpc KB259489