Microsoft KB Archive/327387

From BetaArchive Wiki

Article ID: 327387

Article Last Modified on 12/5/2007


APPLIES TO

  • Microsoft Transaction Services 1.0
  • Microsoft Transaction Services 2.0
  • Microsoft COM+ 1.0
  • Microsoft COM+ 1.5, when used with:
    • Microsoft Windows 2000 Standard Edition


This article was previously published under Q327387

SYMPTOMS

When you type a valid user as the identity for a package or application, you may receive the following error message:

The user account or password entered is invalid. If you entered domain account, make sure the name is prefixed with the domain name.

CAUSE

This problem occurs when you try to change the identity for the application or a package to run under a particular user who does not have the "Access this computer from the network" user right.

RESOLUTION

To resolve this problem for a Microsoft Transaction Server (MTS) or COM+ package, verify the following:

  • The user credentials must be correct.
  • The user must have the "Access this computer from the network" user right. To grant this user right:
  1. In Control Panel, double-click Administrative tools, and then double-click Local Security Policy.
  2. Expand the Local Policies folder.
  3. Click User Rights Assignment.
  4. Double-click on Access this computer from the network.
  5. In the Properties dialog box, add the user or any group to which the user belongs to the Access this computer from the network rights list.


STATUS

This behavior is by design.

MORE INFORMATION

If problem persists even if you use valid user credentials and set correct user permissions, one of the following may be the reason:

  • Kerberos uses UDP as its protocol in Microsoft Windows 2000. This can cause authentication failures. To resolve this problem, configure Kerberos to use TCP as its underlying protocol. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

    244474 Forcing Kerberos to Use TCP Rather Than UDP in Windows 2000

  • When the clock on the domain is not synchronized with the clock on the server, authentication failure may occur. To resolve this problem, make sure that the clocks on the domain and the authentication server are synchronized.

Steps to Reproduce the Behavior

  1. In Administrative Tools, open Component Services.
  2. Expand the Component Services folder, expand theComputers folder, and then expand theCOM+ Applications folder.
  3. Right-click the application or package whose attributes you want to modify, and then click Properties.
  4. In the Properties dialog box, click the Identity tab.
  5. Select This User.
  6. Do any of the following:
    • Specify a non-existing <domain>/<username>.
    • If you specify a local account, use a non-existing <computer name>/<user name>.
    • Type an incorrect password for the specified user.
    • Remove the user and all groups to which the user belongs from the Access this computer from the network rights list. Additionally, remove the Users and Everyone groups from the Access this computer from the network rights list.


Keywords: kbmtsexplorer kbprb KB327387



Send feedback to Microsoft

© Microsoft Corporation. All rights reserved.


Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/327387&oldid=331404
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki