The information in this article applies to:
SYMPTOMSThe SNA Server service (Snaservr.exe) may unexpectedly fail with an access violation, causing an SNA Server Event 624 to be logged in the Windows NT application event log, and a log entry to be written to the Winroot\Drwtsn32.log file. This specific problem only occurs when SNA Server is supporting an application that is attempting to use "privileged proxy" security, as described in the following Knowledge Base article: Q165385 Single Signon for APPC Applications Using Privileged ProxyFor example, this could occur if COM Transaction Integrator (COMTI) is being used and a COMTI Remote Environment is configured to authenticate with user credentials. When this failure occurs, all SNA client users who are currently accessing this server lose their SNA sessions. Note that the stack-back trace indicates that the Snasii.dll (SNA Server Host Security DLL) has been called by the SNA Server service.
CAUSE
When SNA Server receives a "privileged proxy" host security request from an APPC application, the SNA Server first verifies if the application's user context is authorized to make the request. As part of this verification, SNA Server attempts to determine what groups the user is a member of. If the Windows NT primary domain controller (PDC) for the user domain is inactive, SNA Server passes an invalid server name to the NetGroupGetUsers function, leading to an access violation. RESOLUTIONTo resolve this problem, obtain the latest service pack for SNA Server version 4.0. For additional information, please see the following article in the
Microsoft Knowledge Base: Q215838 How to Obtain the Latest SNA Server Version 4.0 Service Pack STATUSMicrosoft has confirmed this to be a problem in Microsoft SNA Server version 4.0, 4.0 SP1 and 4.0 SP2. This problem was first corrected in SNA Server version 4.0 Service Pack 3. MORE INFORMATIONWith this update applied, the SNA Server host security DLL (Snasii.dll) no longer encounters an access violation if the Windows NT PDC is down and the COMTI user authentication is being used. In addition, Snasii attempts to use the closest domain controller (including backup domain controllers), not relying on the PDC, and find another domain controller if the one becomes unavailable. Additional query words:
Keywords : sna4sp3fix sna4 sna4sp1 sna4sp2 |
Last Reviewed: September 29, 1999 © 2000 Microsoft Corporation. All rights reserved. Terms of Use. |