Jaa

Event 2436 for SharePoint Services 3 Search

  • Artikkeli

[Today's post comes to us courtesy of Eric Sun]

You may experience SharePoint Search issue when browsing https://companyweb on SBS 2008 server and specifically, you are seeing below 2436 errors in your Application event log every several minutes.

Log Name:      Application
Source:        Windows SharePoint Services 3 Search
Date:          4/29/2009 4:20:05 PM
Event ID:      2436
Task Category: Gatherer
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      server.domain.local
Description:
The start address <sts3s://remote.Domain.com:987/contentdbid={d4078aab- ce82-4581-8d4f-973e1e6eac23}> cannot be crawled.

Context: Application 'Search index file on the search server', Catalog 'Search'

Details:
Access is denied. Check that the Default Content Access Account has access to this content, or add a crawl rule to crawl this content.   (0x80041205)

Cause

You receive above warning events because WSS3.0 Search service is trying to crawl the WSS content via the URL – remote.domain.com, which is mentioned in above event. Windows Server 2008 includes a loopback check security feature that is designed to help prevent reflection attacks on your computer. Therefore, Kerberos authentication on Default Content Access Account fails if this URL does not match the local computer name and is not registered in system as additional Service Principle Name (SPN).

Resolution

To resolve this issue, it is recommended to manually register the URL in your system, or even disable the Loopback check feature. To register this URL, please use the following steps,

Note: We recommend that you use this method.

  1. Click Start, click Run, type regedit, and then click OK.
  2. In Registry Editor, locate and then click the following registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
  3. Right-click MSV1_0, point to New, and then click Multi-String Value.
  4. Type BackConnectionHostNames, and then press ENTER.
  5. Right-click BackConnectionHostNames, and then click Modify.
  6. In the Value data box, type the URL mentioned in the above warning event, and then click OK.
  7. Quit Registry Editor, and then restart the IIS service.

If you want to disable Loopback Check feature to work around this issue, please refer to the Method 2 in the following KB article

896861 You receive error 401.1 when you browse a Web site that uses Integrated Authentication and is hosted on IIS 5.1 or IIS 6

More Information

WSS3.0 Search service crawls the WSS content by default Alternate Access Mapping Zone. Not like normal WSS 3.0 website, which uses https://SiteName as the default Alternative Access Mapping, SBS 2008 server uses https://remote.domain.com:987 as the default Zone. This is by design, and we do not recommend changing it to https://companyweb, as it may break the SBS specific settings.

clip_image002

Additionally, changing the Default Content Access Account for content crawl is NOT officially supported method to work around this issue, as it has not been tested and can cause other potential issues.

Comments

  • Anonymous
    January 01, 2003
    *UPDATE: Still not why the steps below work on some boxes but not others. However, the SBS team just

  • Anonymous
    January 01, 2003
    I’ll admit this post is long overdue.&#160; I’m sitting here staging a new server for a client and just

  • Anonymous
    January 01, 2003
    The comment has been removed

  • Anonymous
    January 01, 2003
    am also experiencing that error in my sbs 2003

  • Anonymous
    May 07, 2009
    When posting can you include weather the issue affects sbs2003 or sbs2008 or both if you have that information?  For those of us in the field it will help us resolve issues more quickly.  Thanks. Don

  • Anonymous
    May 12, 2009
    The comment has been removed

  • Anonymous
    May 18, 2009
    Great post! Quick question.   We have multiple aliases that are broken.  http://alias1,https://alias1.domain.com,http://alias2 How do would you type those?  Do you create seperate values for each one or do you just hit enter after each alias/url? Thanks!

  • Anonymous
    June 03, 2009
    Make sure you add: companyweb remote.servername.com servername.domainname.local this fixed it for us

  • Anonymous
    December 02, 2015
    The comment has been removed

  • Anonymous
    January 28, 2016
    Thanks for the great info. I really loved this. I would like to apprentice at the same time as you amend your web site, how could i subscribe for a blog site?

    http://www.movieboxapkdownload.com/ - It’s just 2 MB file you can easily get it on your android device without much trouble. Showbox app was well designed application for android to watch movies and TV shows, Cartoons and many more such things on your smartphone.





    Thanks for the great info. I really loved this. I would like to apprentice at the same time as you amend your web site, how could i subscribe for a blog site?

    http://www.aptoideapkdownload.com/ - It’s just 2 MB file you can easily get it on your android device without much trouble.

    http://www.vidmatedownloadapk.com/

    Showbox app was well designed application for android to watch movies and TV shows, Cartoons and many more such things on your smartphone.

    http://www.shareitforpccdownload.com/

    http://www.shareitforpccdownload.com/shareit-for-pc-windows-10-8-1-7-mac-free-download/

    SHAREit for PC lets you transfer files between devices like phones, tablets and computers. With the wide area of sharing compatibility, sharing across anything is easy now. This is the best and the fastest alternative for USB sharing.