Tag: Event 9002

Event ID 9002 — IIS Application Host SID Mapping Configuration

PCIS Support Team Leave a comment

Event ID 9002 — IIS Application Host SID Mapping Configuration

Updated: January 20, 2010

Applies To: Windows Server 2008

In Internet Information Services (IIS) 6.0, separate user accounts had to be created for application pools in order to isolate them. In IIS 7.0, mapped application pool SIDs (security identifiers) make this process easier. When a new Web site is created in IIS 7.0, the site receives a new application pool with the same name as the site. The Application Host Helper Service (AppHostSvc) dynamically creates a unique application pool SID based on the application pool name, and the name is mapped to the SID. Web site resources like files and directories can then be granted permissions by using the mapped application pool SID instead of separate user identities. This enables all application pools to run under the same default Network Service account, yet remain isolated.

Event Details

Product: Internet Information Services
ID: 9002
Source: Microsoft-Windows-IIS-APPHOSTSVC
Version: 7.0
Symbolic Name: APPHOSTSVC_SID_GENERIC_ERROR
Message: The Application Host Helper Service encountered an error while mapping the application pool names to their respective SIDs. Some app pool SIDs will not be resolved properly under the ‘IIS APPPOOL’ namespace. To resolve this issue, please recommit the changes or restart the service. The data field contains the error number.

Resolve
Reapply changes and restart AppHostSvc

When configuration changes do not appear to take effect, possible resolutions include the following:

  • Reapply the changes.
  • Reduce the number of application pools.
  • Stop and restart the Application Host Helper Service (AppHostSvc).

Stop and restart the Application Host Helper Service

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To stop and restart the Application Host Helper Service:

  1. Open an elevated Command Prompt window. Click Start, point to All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.
  2. At the command prompt, type net stop apphostsvc.
  3. At the command prompt, type net start apphostsvc.

Verify

If Application Host SID Mapping is not configured correctly, Web sites in the affected application pool will fail to serve pages. For this reason, you can verify the Application Host SID Mapping functionality by performing a test browse.

To perform a test browse:

  1. Choose a Web site or an application that is configured to run in the application pool that you want to verify.
  2. Open up your default browser or required client.
  3. Browse to a page in the Web site or application that you chose in step 1.
  4. The client should display the expected output page. If Application Host SID Mapping is configured correctly, the page will be displayed.

Related Management Information

IIS Application Host SID Mapping Configuration

Internet Information Services (IIS) 7.0

Related:

Event ID 9002 — TCP/IP Network Connectivity

PCIS Support Team Leave a comment

Event ID 9002 — TCP/IP Network Connectivity

Updated: January 7, 2009

Applies To: Windows Server 2008 R2

Network connectivity allows your computer to communicate with other hosts on your network and the Internet. Connectivity might be full (Internet and intranet), partial (local subnet only), or non-existent.

Event Details

Product: Windows Operating System
ID: 9002
Source: tcpip
Version: 6.1
Symbolic Name: EVENT_TRANSPORT_RESOURCE_LIMIT
Message: %2 could not allocate a resource of type %3 due to its configured size of %4.

Resolve
Initialize TCP/IP

Refresh the protocol configuration on the network interface by disabling it and then enabling it again.

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To disable and then re-enable the network interface:

  1. Click Control Panel, double-click Network and Sharing Center, and then click Manage network connections.
  2. Right-click the network interface you want to disable, and then click Disable.
  3. Right-click the network interface again, and then click Enable.

Verify

To perform this procedure, you must have membership in Administrators, or you must have been delegated the appropriate authority.

To verify TCP/IP connectivity:

  1. Click Start, point to All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator.
  2. Click Continue when prompted by User Account Control, and then provide the administrator password, if requested.
  3. Type ping followed by an IP address of another host on the network.
  4. If the ping command succeeds, connectivity is established.

Note:   Windows Firewall might prevent a succesful ping operation. You might need to configure a port exception for the ping to succeed.

Related Management Information

TCP/IP Network Connectivity

Networking

Related:

The Network Service account doesn’t have the necessary permissions assigned on the Pickup directory or Replay directory %1. Verify that the Network Service account has the following permissions assigned on the specified directory: “Read”, “Write”, and “Delete Subfolders and Files”.

PCIS Support Team Leave a comment
Details
Product: Exchange
Event ID: 9002
Source: MSExchangeTransport
Version: 8.0
Symbolic Name: NoDirectoryPermission
Message: The Network Service account doesn’t have the necessary permissions assigned on the Pickup directory or Replay directory %1. Verify that the Network Service account has the following permissions assigned on the specified directory: “Read”, “Write”, and “Delete Subfolders and Files”.
   
Explanation

This Error event indicates that the Network Service user account on the Hub Transport Server or Edge Transport server does not have the correct permissions assigned on the Pickup directory or on the Replay directory. These permissions are required so that message files that are copied to the Pickup directory or the Replay directory can be successfully submitted. The Pickup directory is used by administrators for mail flow testing, or by applications that must create and submit their own messages. The Replay directory is used to resubmit messages that administrators export from the queues of Microsoft Exchange Server 2007 servers.

The Pickup directory location is controlled by the PickupDirectoryPath parameter on the Set-TransportServer cmdlet. By default, the Pickup directory is located at C:\Program Files\Microsoft\Exchange Server\TransportRoles\Pickup.

The Replay directory location is controlled by the ReplayDirectoryPath parameter on the Set-TransportServer cmdlet. By default, the Replay directory is located at C:\Program Files\Microsoft\Exchange Server\TransportRoles\Replay.

If you change the location of the Pickup directory or the Replay directory, the Microsoft Exchange Transport service uses the security credentials of the Network Service user account to create the new directory and apply the correct permissions. If the new directory does not already exist, and the Network Service user account has the permissions that are required to create folders and apply permissions at the new location, the new directory is created, and the correct permissions are applied to the directory. If the new directory already exists, the existing folder permissions are not checked.
   
User Action

To resolve this error, verify that the directory that is specified in the error message text has the following permissions assigned to the Network Services user account:

  • List Folder/Read Data

  • Read Attributes

  • Read Extended Attributes

  • Create Files/Write Data

  • Create Folders/Append Data

  • Write Attributes

  • Write Extended Attributes

  • Delete Subfolders and Files

  • Read Permissions

For more information, see the following topics:

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

The transaction log for database ‘%.*ls’ is full. To find out why space in the log cannot be reused, see the log_reuse_wait_desc column in sys.databases

PCIS Support Team Leave a comment
Details
Product: SQL Server
Event ID: 9002
Source: MSSQLServer
Version: 9.00.1281.60
Symbolic Name: LOG_IS_FULL
Message: The transaction log for database ‘%.*ls’ is full. To find out why space in the log cannot be reused, see the log_reuse_wait_desc column in sys.databases
   
Explanation

The database log is out of space. The log_reuse_wait_desc column in sys.databases describes why space in the log cannot be reused.
   
User Action

Use sys.databases to determine why the log is full and then correct the condition. For more information, see “sys.databases (Transact-SQL)” in SQL Server 2005 Books Online.

Related: