"Invalid Password" Error Message When You Log on to the Compass Client (285204)


The information in this article applies to:

  • Microsoft Metadirectory Services 2.2
  • Microsoft Metadirectory Services 2.2 SP1
This article was previously published under Q285204

SYMPTOMS

When you attempt to log on to the Compass client with an administrator password after you have moved the database to another server, you may receive the following error message:
Invalid Password
The following error may also be logged in the Genlogs file:
Error -2146893813: Internal error reading key

CAUSE

This behavior can occur because Microsoft Metadirectory Services is unable to decrypt the password attribute. In the Microsoft Metadirectory Services store, all password attributes are stored by using the highest level of encryption, which is installed in the operating system. In the release of Microsoft Metadirectory Services version 2.2 Service Pack 1 (SP1), the highest level of encryption is 128-bit encryption.

RESOLUTION

To resolve this behavior, restore the server keys by using the Key Manager utility (MMSKeyMGR):
  1. Even though it is not required, it is recommended that you stop the Zoomit Server service before you restore the server keys. To stop the Zoomit Server service, at a command prompt, type: net stop "zoomit server".
  2. Click Start, point to Programs, and then click Microsoft Metadirectory Services.
  3. Click MMS Key Manager Utility.
  4. Click Restore Keys.
  5. You are prompted for a password. In the dialog box, type the password that you used when you created the backup (the case of the letters is important).
  6. Click OK.
  7. The Open dialog box displays the Zoomserv/Data/Config folder. If you click the default file name, the Backup.mmskey file is displayed.
  8. Click the appropriate backup file, and then click Open.
  9. If the restore procedure is successful, a message box is displayed that states "Successfully Restored Server Keys."
  10. Click OK to close the message box.
  11. If required, restart the Zoomit Server service: At a command prompt, type: net start "zoomit server".
For additional information about the correct steps to move a Microsoft Metadirectory Services server to another computer, click the article number below to view the article in the Microsoft Knowledge Base:

285980 How to Move a Microsoft Metadirectory Services 2.2 Database to Another Server

Modification Type:MinorLast Reviewed:1/25/2006
Keywords:kberrmsg kbprb KB285204
©2004 Microsoft Corporation. All rights reserved.