Sign in with Microsoft
Sign in or create an account.
Hello,
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Symptoms

Consider the following scenario:

  • You have a Web application that is running in Internet Information Services (IIS) 7.0 on a Windows Vista-based computer or on a Windows Server 2008-based computer.

  • You have both Windows Authentication and Kernel Mode authentication enabled.

    Note This is by default.

  • You have the useAppPoolCredentials attribute set to true in the authentication section in the Applicationhost.config file. You may have added this attribute to allow the use of Kerberos authentication when you use a domain account for the application pool identity. For example, this attribute must be added when you are running a Microsoft Office SharePoint Server site. The authentication section resembles the following.

    <windowsAuthentication enabled="true" useKernelMode="true" useAppPoolCredentials="true"/>

    Note The Applicationhost.config file is located in the Drive:\Windows\System32\inetsrv\config folder.

In this scenario, the operating system may crash. Additionally, you receive a Stop 0x0000007e error message on a blue screen.

Note This problem typically occurs on Web servers that host Office SharePoint Server 2007. This problem occurs because of the configuration requirements of Office SharePoint Server 2007 when Kerberos authentication is used. However, the problem may occur for any kind of Web site that is using Kernel Mode authentication, Kerberos authentication, and a domain account as the custom application pool identity.

Cause

This problem occurs because of a bug in the HTTP kernel-mode driver (HTTP.sys).

Resolution

Hotfix information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing the problem described in this article. This hotfix might receive additional testing. Therefore, if you are not severely affected by this problem, we recommend that you wait for the next software update that contains this hotfix.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, contact Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=supportNote The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language.

Important Windows Vista and Windows Server 2008 hotfixes are included in the same packages. However, only one of these products may be listed on the “Hotfix Request” page. To request the hotfix package that applies to both Windows Vista and Windows Server 2008, just select the product that is listed on the page.

Prerequisites

You must have Windows Vista Service Pack 1 (SP1) or Windows Server 2008 installed to apply this hotfix.

Restart requirement

You must restart the computer after you apply this hotfix.

Hotfix replacement information

This hotfix does not replace a previously released hotfix.

File information

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time item in Control Panel.

IIS 7.0, x86

File name

File version

File size

Date

Time

Platform

Http.sys

6.0.600 1.22375

401,408

12-Feb-2009

03:33

x86

IIS 7.0, x64

File name

File version

File size

Date

Time

Platform

Http.sys

6.0.600 1.22375

596,480

12-Feb-2009

04:10

x64

IIS 7.0, IA-64

File name

File version

File size

Date

Time

Platform

Http.sys

6.0.600 1.22375

1,143,808

12-Feb-2009

02:54

IA- 64

Workaround

To work around this problem, disable Kernel Mode authentication by using one of the following methods.

Method 1

Set the value of the useKernelMode element to false in the appropriate windowsauthentication section in the ApplicationHost.config file.

<windowsAuthentication enabled="true" useKernelMode="false"/>

Method 2

Disable Kernel Mode authentication by using IIS Manager. To do this, follow these steps:

  1. Click Start, click Run, type
    inetmgr.exe, and then click OK.

  2. In IIS Manager, expand
    server name, expand Web sites, and then click the Web site that you want to change.

  3. Double-click Authentication, click Windows Authentication to highlight it, and then click Advanced Settings in the Action pane.

  4. Click to clear the Enable Kernel-mode authentication box.

After you disable Kernel Mode authentication, you must restart the HTTP service. This will stop IIS. Run the following commands at an elevated command prompt.

  • NET STOP HTTP

  • NET START HTTP

  • IISRESET /START

Note These commands will stop the HTTP service. When you stop the HTTP service, you receive a warning message that the services that depend on the HTTP service will also be stopped. Take careful note of these dependent services so that you can determine whether you want to continue and so that you can restart them after you restart the HTTP service. The services that depend on the HTTP service will depend on the Windows roles and applications that are currently installed on the computer.

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

More Information

Call stack output

If you use the Debugging Tools for Windows and the Microsoft symbol server to examine the memory dump file that is created after the crash occurs, you will notice a call stack that resembles the following:
Child-SP RetAddr Call Site
fffffa60`02ff5b58 fffff800`01ba3644 nt!KeBugCheckEx
fffffa60`02ff5b60 fffff800`01b60f71 nt!PspUnhandledExceptionInSystemThread+0x24
fffffa60`02ff5ba0 fffff800`018c87d8 nt!PspSystemThreadStartup+0x9e
fffffa60`02ff5bd0 fffff800`018c86bd nt!_C_specific_handler+0x8c
fffffa60`02ff5c40 fffff800`018cfcff nt!RtlpExecuteHandlerForException+0xd
fffffa60`02ff5c70 fffff800`0188cd83 nt!RtlDispatchException+0x22f
fffffa60`02ff6360 fffff800`018b51a9 nt!KiDispatchException+0xc3
fffffa60`02ff6960 fffff800`018b3fa5 nt!KiExceptionDispatch+0xa9
fffffa60`02ff6b40 00000000`00010005 nt!KiPageFault+0x1e5
fffffa60`02ff6cd8 fffffa60`0805129e 0x10005
fffffa60`02ff6ce0 fffff800`01ad7ff3 HTTP!UlpThreadPoolWorker+0x28e
fffffa60`02ff6d50 fffff800`018ef546 nt!PspSystemThreadStartup+0x57
fffffa60`02ff6d80 00000000`00000000 nt!KxStartSystemThread+0x16 Note The part of the call stack that indicates that this particular system crash is occurring is HTTP!UlpThreadPoolWorker.

References

For more information about using Kerberos authentication together with Office SharePoint Server, visit the following Web sites:

http://www.harbar.net/archive/2008/05/18/Using-Kerberos-with-SharePoint-on-Windows-Server-2008.aspx

http://blogs.msdn.com/webtopics/archive/2009/01/19/service-principal-name-spn-checklist-for-kerberos-authentication-with-iis-7-0.aspx

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!

×