You are currently offline, waiting for your internet to reconnect

FIX: COM+ 1.0 Catalog Requires NTLM-based Authentication

This article was previously published under Q275482
This article has been archived. It is offered "as is" and will no longer be updated.
SYMPTOMS
If NTLM-based authentication is disabled on the Domain Controller (for instance, to create a more secure environment on Microsoft Windows 2000 domains), you cannot set the identity of a COM+ application to a particular user.
CAUSE
The COM+ Catalog uses NTLM authentication to verify the user name and password that you specify to set the RunAs identity of a COM+ application.
RESOLUTION
To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in theMicrosoft Knowledge Base:
260910 How to Obtain the Latest Windows 2000 Service Pack
STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows 2000 Service Pack 2.
MORE INFORMATION

Steps to Reproduce Behavior:

  1. In the DC Group Policy editor, set the LAN Manager Authentication level to Send NTLMV2 response only \refuse LM and NTLM.
  2. Create a COM+ application on the member workstation or server, and set the identity to a valid domain user.
  3. The following information appears in the security log:
    Reason: Unknown user name or bad password
    User Name: SomeUser
    Domain: SomeDomain
    Logon Type: 3
    Logon Process: NtLmSsp
    Authentication Package: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
    Workstation Name: SomeWorkstation
    In addition, a message box states that the user name and password are incorrect.
Properties

Article ID: 275482 - Last Review: 10/21/2013 02:15:37 - Revision: 1.0

Microsoft COM+ 1.0

  • kbnosurvey kbarchive kbbug kbfix kbsecurity kbsysadmin kbwin2000presp2fix KB275482
Feedback