Access Violation and Event ID 100 Error Messages When You Start PDC That Is Running IIS (272206)

SYMPTOMS

When you start a primary domain controller (PDC) that is running Internet Information Server (IIS), the following error message may appear:

Dr Watson
Application: lsass.exe
Exception: access violation (0xc0000005)
Address:0x006b0072

Event Viewer may display the following error messages:

Event id:100
Source: w3svc
"Server was unable to logon the Windows NT account "." due to the following error: Unknown username or bad password"

Event id:100
Source: w3svc
"The security database contains an internal inconsistency"

CAUSE

This behavior can occur if the Windows NT user account that is configured for Anonymous Logon for the WWW Service is invalid or does not have the right to log on locally to the PDC.

RESOLUTION

To resolve this behavior, replace the user account that is configured for Anonymous Logon in the WWW Service with a valid Windows NT account that has the right to log on locally to the PDC:

Start the Internet Service Manager.
In the right pane of the Microsoft Management Console (MMC), expand Internet Information Server and then expand server name.
Right-click Default Web Site, and then click Properties.
Click Directory Security.
In the Anonymous Access and Authentication Control group, click Edit.
Click Edit next to Account used for Anonymous Access.
Click Browse.
Select the account that you want to use for Anonymous Logon, click Add, and then click OK.
Click Enable Automatic Password Synchronization, and then click OK.
Click OK to close each open dialog box.
Quit MMC. When you are prompted to save the settings, click Yes.