Microsoft KB Archive/928780

From BetaArchive Wiki
< Microsoft KB Archive
Revision as of 17:34, 18 July 2020 by 3155ffGd (talk | contribs) (importing KB archive)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Knowledge Base


Event ID: 6036 is logged in the System log when you connect to an instance of SQL Server 2005 or to an instance of SQL Server 2000 from a Windows Vista-based computer

Article ID: 928780

Article Last Modified on 11/20/2007



APPLIES TO

  • Microsoft SQL Server 2005 Standard Edition
  • Microsoft SQL Server 2005 Developer Edition
  • Microsoft SQL Server 2005 Enterprise Edition
  • Microsoft SQL Server 2005 Workgroup Edition
  • Microsoft SQL Server 2005 Express Edition
  • Microsoft SQL Server 2005 Standard X64 Edition
  • Microsoft SQL Server 2005 Standard Edition for Itanium-based Systems
  • Microsoft SQL Server 2005 Enterprise X64 Edition
  • Microsoft SQL Server 2005 Enterprise Edition for Itanium-based Systems
  • Microsoft SQL Server 2000 Standard Edition
  • Microsoft SQL Server 2000 Enterprise Edition
  • Microsoft SQL Server 2000 Developer Edition
  • Microsoft SQL Server 2000 Workgroup Edition
  • Microsoft SQL Server 2000 Personal Edition



SYMPTOMS

Consider the following scenario. You connect to an instance of Microsoft SQL Server 2005 or to an instance of Microsoft SQL Server 2000 from a Windows Vista-based computer. You use integrated authentication for the connection. In this scenario, a Warning event that resembles the following is logged in the System log: Log Name: System
Source: LsaSrv
Date: Date
Event ID: 6036
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: Computer_Name
Description: The program Application_Name, with the assigned Process ID Process_ID, supplied a NULL or empty target name for the pszTargetName parameter when calling the InitializeSecurityContext API to initiate an outbound NTLM security context. This is a security risk when mutual authentication is required.

To help protect against a malicious attack, make your code more secure. To do this, change the program so that it specifies a target name in the pszTargetName parameter field, and then recompile the code.

This behavior may occur if one of the following conditions is true:

  • You connect to the instance of SQL Server by using the SQL Server Native Client (SQL Native Client) provider.
  • You connect to the instance of SQL Server by using Microsoft ADO.NET in an application.
  • You connect to the instance of SQL Server by using Windows Data Access Components (Windows DAC) in an application.


Note Windows DAC was formerly known as Microsoft Data Access Components (MDAC).


CAUSE

This event indicates that you used NTLM authentication. You can safely ignore this event. This event is not logged if you use Kerberos authentication.

STATUS

This behavior is by design.

MORE INFORMATION

When you connect to an instance of SQL Server by using integrated authentication, you can use Kerberos authentication if the connection is made by using the TCP/IP protocol. If the connection is made by using a different protocol, the authentication mode falls back to NTLM authentication.

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

909801 How to make sure that you are using Kerberos authentication when you create a remote connection to an instance of SQL Server 2005


Keywords: kbtshoot kbprb kbexpertiseadvanced kbsql2005connect KB928780