Share via

FIM TROUBLESHOOTING: PCNS Event ID 6025 – Status: 1747

  • Article

OVERVIEW

Recently worked a Password Change Notification Service (PCNS) issue. We were receiving an Event ID 6025 in the Application Event Log. We validated all of the basic settings, and they were all set.

This Event ID 6025, was a bit different than other 6025s that I have seen.

APPLICATION EVENT LOG

Log Name: Application

Source: PCNSSVC

Date: 1/17/2013 3:50:48 PM

Event ID: 6025

Task Category: Error

Level: Error

Keywords: Classic

User: N/A

Computer: S324VM-DS03.CDSresource.pvt

Description:

Password Change Notification Service received an RPC exception attempting to deliver a notification.

Thread ID: 1584

Tracking ID: 68202185-6fbe-47f0-a0e7-c7cd50f87cd9

User GUID: 4257a2a1-ed52-402e-8c34-64b349c5b147

User: DOMAIN\FIMSynchronizationServiceAccount

Target: PCNSCFG

Delivery Attempts: 16

Queued Notifications: 1

0x000006D3 - The authentication service is unknown.

 

ProcessID is 4632

System Time is: 1/17/2013 23:50:48:449

Generating component is 2

Status is 1747 - The authentication service is unknown.

Detection location is 1710

Flags is 0

NumberOfParameters is 1

Long val: 0

 

ProcessID is 4632

System Time is: 1/17/2013 23:50:48:449

Generating component is 2

Status is 1747 - The authentication service is unknown.

Detection location is 701

Flags is 0

NumberOfParameters is 2

Long val: 8

Long val: 0

 

We can also see a similar error message when viewing a network trace on the FIM Synchronization Service machine.

NETWORK TRACE FILE

MSRPC: c/o Bind Nack: Call=0x2 Reject Reason: authentication_type_not_recognized

CAUSE

The reason that we were receiving this error, is because originally the customer had the FIM Synchronization Service machine as a stand-alone server. The customer moved the server into a domain, and created a FIM Synchronization Service Account in the domain. However, the FIM Synchronization Service account had the identical account name as the Local Account.

Additionally, Microsoft SQL Server was local to the FIM Synchronization Service machine.

RESOLUTION

In order to resolve this specific issue we had to do a few things:

  1. Log into SQL Server as a SysAdmin and add a Log In for the Domain FIM Synchronization Service Account
  2. Ensured that the Domain FIM Synchronization Service Account was dbowner for the FIM Synchronization Service Database
  3. On the FIM Synchronization Service machine, executed a Change Mode install to update the Synchronization Service Engine to use the Domain FIM Synchronization Service Account.
  4. We then tested PCNS, and it worked successfully producing a 2100 Event ID.

ADDITIONAL INFORMATION