Error message on a Windows Vista-based computer when you try to connect to Microsoft SQL Server Management Studio by using a VPN connection: "The user is not associated with a trusted SQL Server Connection"

Article translations Article translations
Article ID: 942003 - View products that this article applies to.
Expand all | Collapse all

On This Page

SYMPTOMS

On a Windows Vista-based computer, when you try to connect to Microsoft SQL Server Management Studio by using a virtual private network (VPN) connection, you receive an error message that resembles the following:
The user is not associated with a trusted SQL Server Connection
Note This issue does not occur on a Windows XP Service Pack 2 (SP2)-based computer in the same environment.

On the computer that hosts the SQL Server role, the following events are logged:

Event Type: Error
Event Source: MSSQLSERVER
Event Category: (4)
Event ID: 17806
Date: Date
Time: Time
User: N/A
Computer: Computer
Description: SSPI handshake failed with error code 0x8009030c while establishing a connection with integrated security; the connection has been closed. [CLIENT: ClientIPAdress]
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Failure Audit
Event Source: MSSQLSERVER
Event Category: (4)
Event ID: 18452
Date: Date
Time: Time
User: N/A
Computer: Computer
Description: Login failed for user. The user is not associated with a trusted SQL Server connection. [CLIENT:ClientIPAdress]
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

If you enable debug logging for the Netlogon service on the authenticating server, the following entry is logged in the in the Netlogon.log file:
[LOGON] SamLogon: Network logon of Computer\User from Computer Entered
[CRITICAL] NlPrintRpcDebug: Could not get EEInfo for I_NetLogonSamLogonEx: 1761 (may be legitimate for 0xc0000064) (err 0xc0000064 = STATUS_NO_SUCH_USER)
[LOGON] SamLogon: Network logon of Computer\User from Computer Returns 0xC000006A (err 0xC000006A= STATUS_WRONG_PASSWORD)
Note Computer is a placeholder for the name of the Windows Vista-based computer. Also, User is a placeholder for the user account that you use to log on to the computer.

This entry indicates that Windows Vista uses the Windows Vista-based computer credentials for authentication instead of using the domain credentials.

Note In different network environments, the following servers can be authenticating servers:
  • A Routing and Remote Access server
  • An Internet Authentication Service (IAS) server

CAUSE

For Windows Vista to use a VPN connection to connect to the applications that use NTLM authentication, Windows Vista must obtain VPN credentials from Credential Manager. However, Windows Vista cannot read the credentials from Credential Manager. Therefore, Windows Vista uses the Windows Vista-based computer credentials. However, the Windows Vista-based computer credentials do not apply to NTLM authentication.

RESOLUTION

Service pack information

To resolve this problem, obtain the latest service pack for Windows Vista. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
935791 How to obtain the latest Windows Vista service pack

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=support
Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Prerequisites

There are no prerequisites for installing this hotfix.

Restart requirement

You must restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace a previously released hotfix.

Registry information

To use this hotfix, you do not have to make any changes to the registry.

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.
Windows Vista, 32-bit versions
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Update.mumNot applicable1,99831-Aug-200711:16Not applicable
X86_a34547243bb6cc9ca5bb11ff704387f2_31bf3856ad364e35_6.0.6000.20672_none_97ff21aef2988a52.manifestNot applicable69131-Aug-200711:16Not applicable
X86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.20672_none_a4a4382178f9402d.manifestNot applicable36,68231-Aug-200711:16Not applicable
Ksecdd.sys6.0.6000.16386407,14431-May-200722:28x86
Lsa-ppdlic.xrm-msNot applicable2,99831-Aug-200702:11Not applicable
Lsasrv.dll6.0.6000.206721,234,43231-Aug-200702:13x86
Lsass.exe6.0.6000.206727,68031-Aug-200701:11x86
Secur32.dll6.0.6000.2067272,70431-Aug-200702:14x86
Windows Vista, 64-bit versions
Collapse this tableExpand this table
File nameFile versionFile sizeDateTimePlatform
Amd64_a9167fff34887e93b1778377876ca781_31bf3856ad364e35_6.0.6000.20672_none_56d63154de230b18.manifestNot applicable69531-Aug-200711:16Not applicable
Amd64_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.20672_none_00c2d3a53156b163.manifestNot applicable36,77031-Aug-200711:19Not applicable
Update.mumNot applicable2,01031-Aug-200711:16Not applicable
Ksecdd.sys6.0.6000.16386477,80031-May-200722:27x64
Lsa-ppdlic.xrm-msNot applicable2,99831-Aug-200703:04Not applicable
Lsasrv.dll6.0.6000.206721,662,97631-Aug-200703:15x64
Lsass.exe6.0.6000.206729,72831-Aug-200701:27x64
Secur32.dll6.0.6000.2067294,72031-Aug-200703:16x64

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section. This problem was first corrected in Windows Vista Service Pack 1.

MORE INFORMATION

For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
109626 Enabling debug logging for the Net Logon service
824684 Description of the standard terminology that is used to describe Microsoft software updates

Properties

Article ID: 942003 - Last Review: October 8, 2011 - Revision: 3.0
APPLIES TO
  • Windows Vista Enterprise 64-bit Edition
  • Windows Vista Home Premium 64-bit Edition
  • Windows Vista Ultimate 64-bit Edition
  • Windows Vista Business
  • Windows Vista Business 64-bit Edition
  • Windows Vista Enterprise
  • Windows Vista Home Premium
  • Windows Vista Ultimate
Keywords: 
kbautohotfix kbvistasp1fix kbexpertisebeginner kbexpertiseadvanced kbqfe kbHotfixServer KB942003

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com