Monday, September 18, 2017

SQL Server AAD Authentication Error

Are you seeing this error when your ADO.NET code tries to connect to SQL Server using Active Directory authentication?

Exception=System.Data.SqlClient.SqlException (0x80131904): Failed to authenticate the user NT Authority\Anonymous Logon in Active Directory (Authentication=ActiveDirectoryIntegrated). Error code 0x800703FA; state 10 Illegal operation attempted on a registry key that has been marked for deletion. 

The issue might be that you are running a Windows service or a scheduled task as a user that has logged off. In Windows Server, the registry hive for a user is loaded when the user logs on to the machine and unloaded when they log off. This means that if your service is running under an account whose user has logged off, the registry hive will not be available. ADO.NET AAD authentication in .NET 4.6.1 uses the registry hive of the running user, which could be the user of a service.

To solve this problem you need to tell Windows Server not to unload the registry hive for users when they log off.
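
One way to check for this condition and apply the setting on a single server, as an added example that is not part of the original post. It assumes the Group Policy setting "Do not forcefully unload the users registry at user logoff" (Computer Configuration > Administrative Templates > System > User Profiles), its backing value DisableForceUnload, and User Profile Service event ID 1530; none of these names appear in the post, and the function names are illustrative.

```powershell
# Added example, not from the original post. Run from an elevated session.
# Assumption: the policy is stored as the DWORD DisableForceUnload under this key.
$PolicyKey  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System'
$PolicyName = 'DisableForceUnload'

function Test-HiveUnloadDisabled {
    # $true when the policy is on, i.e. Windows will NOT force-unload a user
    # hive at logoff while a service or task still holds handles to it.
    $item = Get-ItemProperty -Path $PolicyKey -Name $PolicyName -ErrorAction SilentlyContinue
    return ($null -ne $item -and $item.$PolicyName -eq 1)
}

function Get-HiveUnloadEvent {
    param([int]$Days = 7)
    # Event 1530 is logged when a hive that is still in use gets unloaded,
    # which is what later surfaces as error code 0x800703FA in the service.
    $filter = @{
        LogName      = 'Application'
        ProviderName = 'Microsoft-Windows-User Profiles Service'
        Id           = 1530
        StartTime    = (Get-Date).AddDays(-$Days)
    }
    # Get-WinEvent raises an error when nothing matches; treat that as "none".
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, Message
}

function Enable-HiveUnloadPolicy {
    # Local equivalent of enabling the Group Policy setting. On domain-joined
    # servers configure it in a GPO, or a policy refresh can revert this value.
    if (-not (Test-Path $PolicyKey)) { New-Item -Path $PolicyKey -Force | Out-Null }
    Set-ItemProperty -Path $PolicyKey -Name $PolicyName -Value 1 -Type DWord
}

# Report current state; the change itself is left as an explicit step.
if (Test-HiveUnloadDisabled) {
    Write-Output 'Policy enabled: in-use user hives stay loaded after logoff.'
} else {
    Write-Output 'Policy not enabled: user hives are force-unloaded at logoff.'
    Write-Output 'Call Enable-HiveUnloadPolicy to set it on this machine.'
}

$recent = @(Get-HiveUnloadEvent -Days 7)
Write-Output ("Event 1530 occurrences in the last 7 days: {0}" -f $recent.Count)
$recent | Format-List
```

Event 1530 timestamps that line up with the SqlException timestamps in the service log confirm that a hive unload at logoff is the cause.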

