Do you see the following errors on your BizTalk Server every time you reboot your Domain Controller?

  • Article

Event ID 6913

Event Type: Error
Event Source: BizTalk Server 2006
Event Category: BizTalk Server 2006
Event ID: 6913
User: N/A
Computer: <Computer name>
Description:
An attempt to connect to <SQL server name> SQL Server database on server <Server name> failed with error: "Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.".

Event ID 5410

Event Type: Error
Event Source: BizTalk Server 2006
Event ID: 5410
User: N/A
Computer: <Computer name>
Description:
An error occurred that requires the BizTalk service to terminate. The most common causes are the following:
1) An unexpected out of memory error. OR
2) An inability to connect or a loss of connectivity to one of the BizTalk databases. The service will shutdown and auto-restart in 1 minute. If the problematic database remains unavailable, this cycle will repeat.

Error message: Login failed for user '(null)'. Reason: Not associated with a trusted SQL Server connection.
Error source: BizTalk
host name: <Server name>
Windows service name: <Service name>

 

The issue here lies with the Windows Net Logon Service and not BizTalk. The Domain Controller returns the "NO_SUCH_USER" status code in response to BizTalk and SQL Server logon requests. This happens when the Domain Controller that received the logon request is in the process of shutting down.

When the "NO_SUCH_USER" status code is received, domain member computers (BizTalk and SQL Servers) and domain controllers do not establish a new security channel with another domain controller that is running correctly. Therefore, the logon requests that are sent by users or by applications may time out. The application that originated the logon requests may time out or may fail unless the application has failover logic or retry logic.

 

The hotfix in this article has to be applied on the Domain Controllers and on the Domain Clients (BizTalk and SQL Servers) . After you apply this hotfix, the domain controllers will return a "STATUS_INVALID_SERVER_STATE (0xc00000dc)" status code during the shutdown process. Then, the client (BizTalk and SQL Servers) can contact other domain controllers if the client receives this status code.

More information can be found in the link below.

942636 Windows Server 2003-based domain controllers may incorrectly return the "NO_SUCH_USER (0xc0000064)" status code in response to logon requests

https://support.microsoft.com/default.aspx?scid=kb;EN-US;942636

 

 

In addition to KB 942636, the following KB has been found to help with the above errors:

906736 You experience a delay in the user-authentication process when you run a high-volume server program on a domain member in Windows 2000 or Windows Server 2003

https://support.microsoft.com/default.aspx?scid=kb;EN-US;906736

The Registry change in the above article disables the Privilege Attribute Certificate (PAC) signature in the Kerberos ticket which reduces the RPC requests between the Client (BizTalk Server and SQL Server) to Domain Controller. This is the default behavior in Windows Server 2008.