PRB: Access or Replication Failures May Occur with Errors 8015 and 5027 (296939)
The information in this article applies to:
- Microsoft Application Center 2000
This article was previously published under Q296939 SYMPTOMS
You may see event query access failures or replication failures that result in Windows event log entries like the following:
__CLASS: MicrosoftAC_Replication_Session_Connection_ConFailed_Event
__SERVER: <server name>
ServerGUID: <server GUID>
EventId: 5027
GUID: {219A6CCC-1C21-4C0C-888D-57260E74CDEF}
RemoteServer: <cluster name>
ReplicationID: <replication ID>
ReplicationJobID: <replication job ID>
Status: 0x80070569
StatusMessage: Logon failure: the user has not been granted the requested logon type at this computer.
TimeGenerated: <date><time>
Type: 1
DisplayName: Replication Session Connection ConFailed
__CLASS: MicrosoftAC_Monitoring_Logging_QueryFailed_Event
__SERVER: <server name>
ServerGUID: <server GUID>
ConnString: <connection string>
EventId: 8015
GUID: <GUID>
OLEDBError: Source: Microsoft OLE DB Provider for SQL Server Description: Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. SQLSTATE: 42000 hr: 0x80040e4d
Query: SELECT TOP 40 * FROM EventView WHERE Log = 'Application Center' AND Severity <= 2 AND (Category = N'Replication' AND Data LIKE N'%ReplicationID=%cluster name%;%') ORDER BY TimeGenerated DESC, ID DESC
Status: 0x80040e4d
StatusMessage:
TimeGenerated: <date><time>
Type: 1
DisplayName: Monitoring Logging QueryFailed
CAUSE
The Application Center 2000 account ACC_ClusterController needs local log on rights and ACL_Clustermember needs batch log on rights for distributed event log queries and DCOM access to replication objects. If these accounts are not present in the appropriate sections under the local security policy, you may experience these types of errors.
RESOLUTION
Fix domain group policy objects or local policy settings to allow interactive log on for Application Center 2000 local accounts.
Use the following steps to check and change log on as a batch job and log on local privileges:
- Under Administrative Tools, open the Local Security Policy.
- Click Local Policies, and then double-click User Rights Assignment.
- Double-click Log on as a batch job and verify that ACL_<computer name> is selected in both columns.
- If ACL_<computer name> doesn't appear, click Add, and then add it to the list. Click OK.
- Under User Rights Assignment, double-click Log on locally and verify that ACC_<computer name> is selected in both columns.
- If ACC_<computer> name does not appear, click Add, and then add it to the list. Click OK.
- If your server is a domain member, in the Local Security Settings Microsoft Management Console (MMC), right-click Security Settings, and then click Reload from the pop-up menu.
Repeat steps 2 and 3 if ACL_<computer name> and ACC_<computer name> are not selected in the "Effective Policy Setting" columns under the appropriate sections. Work with your domain administrators to modify your domain policies to allow your local policy settings to take effect.
STATUS
This behavior is by design.
| Modification Type: | Major | Last Reviewed: | 9/4/2001 |
|---|
| Keywords: | kbDSupport kbprb KB296939 |
|---|
|