Licensing Server failed due to cryptography error

LS_failed_due_to_cryptography_error_2000 (Rule)

Knowledge Base article:

Summary

Terminal Server Licensing failed due to a cryptography error. These messages can occur when the crypto.dll driver installation fails or becomes corrupt, or when certificates in Terminal Server become corrupt.

This rule covers the following event IDs: 10, 11, 12, 13, 26, 38

Other Information:

The event IDs described in this topic apply to Windows® 2000 Server and Windows Server™ 2000 operating systems.

Causes

Possible causes include:

Event 10: Terminal Server Licensing cannot set issuer of certificate. Crypto.dll installation fails or is corrupt.

Event 11: Terminal Server Licensing cannot set subject of certificate. Crypto.dll installation fails or is corrupt.

Event 12: Terminal Server Licensing cannot encrypt client’s hardware ID. LSEncryptBase64EncodeHWID fails.

Event 13: Terminal Server Licensing cannot sign or encode a certificate. Crypto.dll installation fails or is corrupt.

Event 26: All available licenses of type X for product X on server X have been removed. Use Terminal Server Licensing administrative tool to re-register licenses.

Event 38: Terminal Server License cannot generate a license for client.

Resolutions

Possible resolutions include:

Events 10, 11, 12, 13, 38:

(Microsoft® Windows Server™ 2000 operating systems only) Verify that crypt32.dll has installed correctly. Check Event Viewer for crypt32.dll related errors. If errors are found, reinstall Terminal Server License and contact the Microsoft Clearinghouse to reissue license packs. Access the Microsoft Clearinghouse by using the Terminal Server Licensing administrative tool.

Delete the MSLicensing key on the client computer:

Log on to the client computer.

Open Registry Editor.

Caution: Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.

Locate and then click the following registry subkey:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing

Back up the registry file before editing it using the Export command. If you are running a Windows 2000 Server operating system, click Export on the Registry Editor File menu. Or, if you are running a Windows 2000 Server operating system, click Export Registry File on the Registry menu.

In the File name box, type mslicensingbackup, and then click Save.

To restore this registry key in the future, double-click the Mslicensingbackup.reg file that you saved in this step.

On the Edit menu, click Delete, and then click Yes to confirm the deletion of the MSLicensing registry subkey.

Close Registry Editor, and then restart the computer.

The Microsoft® Windows® operating system rebuilds the missing registry key when you restart your computer.

Delete X509 certificate registry keys on the terminal server:

Open Registry Editor.

Caution: Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.

Locate and then click the following registry subkey:

HKLM\SYSTEM\CurrentControlSet\Services\TermServices\Parameters

Back up the registry file before editing it using the Export command. If you are running a Windows 2000 Server operating system, click Export on the Registry Editor File menu. Or, if you are running a Windows 2000 Server operating system, click Export Registry File on the Registry menu.

Type exported-parameters in the File name box, and then click Save.

If you have to restore this registry subkey in the future, double-click the Exported-parameters.reg file that you saved in this step.

Under the Parameters registry subkey, right-click each of the following values, click Delete, and then click Yes to confirm the deletion:

Certificate

X509 Certificate

X509 Certificate ID

Close Registry Editor, and then restart the server.

Reactivate Terminal Server License by using the Telephone connection method in the Licensing Wizard.

Restart the server.

If you activate Terminal Server Licensing by using the Telephone option, Terminal Server Licensing uses a different form of certificate.

Event 26: Upgrade operating system from the beta version to a released product.

Element properties:

Target: Microsoft.Windows.Server.2000.TerminalServicesLicensingServerRole
Category: EventCollection
Enabled: True
Event Source: TermServLicensing
Alert Generate: True
Alert Severity: Error
Alert Priority: Normal
Remotable: True
Alert Message: Licensing Server failed due to cryptography error
    {0}
Event Log: System
Comment: Mom2005ID='{E7B98737-8736-4395-B6C8-80F96FE57150}'

Member Modules:

ID                 Module Type  TypeId                           RunAs
Event_Data_Source  DataSource   Microsoft.Windows.EventProvider  Default
GenerateAlert      WriteAction  System.Health.GenerateAlert      Default

Source Code:

<Rule ID="LS_failed_due_to_cryptography_error_2000" Target="Microsoft.Windows.Server.2000.TerminalServicesLicensingServerRole" Enabled="onEssentialMonitoring" Remotable="true" Comment="Mom2005ID='{E7B98737-8736-4395-B6C8-80F96FE57150}'">
  <Category>EventCollection</Category>
  <DataSources>
    <DataSource ID="Event_Data_Source" TypeID="Windows!Microsoft.Windows.EventProvider">
      <ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
      <LogName>System</LogName>
      <Expression>
        <And>
          <Expression>
            <RegExExpression>
              <ValueExpression>
                <XPathQuery>EventNumber</XPathQuery>
              </ValueExpression>
              <Operator>MatchesMOM2005RegularExpression</Operator>
              <Pattern>^(-1072627702|-1072627701|-1072627700|-1072627699|26|38)$</Pattern>
            </RegExExpression>
          </Expression>
          <Expression>
            <SimpleExpression>
              <ValueExpression>
                <XPathQuery>PublisherName</XPathQuery>
              </ValueExpression>
              <Operator>Equal</Operator>
              <ValueExpression>
                <Value>TermServLicensing</Value>
              </ValueExpression>
            </SimpleExpression>
          </Expression>
        </And>
      </Expression>
    </DataSource>
  </DataSources>
  <WriteActions>
    <WriteAction ID="GenerateAlert" TypeID="SystemHealth!System.Health.GenerateAlert">
      <Priority>1</Priority>
      <Severity>2</Severity>
      <AlertOwner>$Data/PublisherName$</AlertOwner>
      <AlertMessageId>$MPElement[Name="LS_failed_due_to_cryptography_error_2000.AlertMessage"]$</AlertMessageId>
      <AlertParameters>
        <AlertParameter1>$Data/EventDescription$</AlertParameter1>
      </AlertParameters>
      <Suppression>
        <SuppressionValue/>
      </Suppression>
    </WriteAction>
  </WriteActions>
</Rule>
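
The rule's Pattern lists four negative numbers where the summary lists event IDs 10 to 13. The Python below is an added example, not part of the management pack: it decodes each alternative and replays the rule's two conditions over constructed events. It assumes EventNumber carries the full 32-bit event identifier as a signed integer in the standard Windows layout (severity in bits 31-30, facility in bits 27-16, event ID in bits 15-0) and that this pattern behaves as an ordinary regular expression; the function names are hypothetical.

```python
import re

# Pattern and publisher copied from the rule's <Pattern> and <Value> elements.
RULE_PATTERN = re.compile(
    r"^(-1072627702|-1072627701|-1072627700|-1072627699|26|38)$")
RULE_PUBLISHER = "TermServLicensing"
SEVERITY = {0: "Success", 1: "Informational", 2: "Warning", 3: "Error"}


def decode_event_number(event_number):
    """Split a signed 32-bit event identifier into its fields (assumed layout)."""
    raw = event_number & 0xFFFFFFFF          # reinterpret as unsigned
    return {
        "raw_hex": f"0x{raw:08X}",
        "severity": SEVERITY[raw >> 30],     # bits 31-30
        "facility": (raw >> 16) & 0x0FFF,    # bits 27-16
        "event_id": raw & 0xFFFF,            # bits 15-0, as shown in Event Viewer
    }


def rule_matches(event):
    """Apply both halves of the rule's <And> expression to one event."""
    return (RULE_PATTERN.match(str(event["EventNumber"])) is not None
            and event["PublisherName"] == RULE_PUBLISHER)


def covered_event_ids():
    """Event IDs the pattern covers once each alternative is decoded."""
    numbers = RULE_PATTERN.pattern.strip("^$()").split("|")
    return sorted(decode_event_number(int(n))["event_id"] for n in numbers)


# Constructed sample events, not taken from a real System log.
SAMPLE_EVENTS = [
    {"EventNumber": -1072627702, "PublisherName": "TermServLicensing"},
    {"EventNumber": 10, "PublisherName": "TermServLicensing"},
    {"EventNumber": 26, "PublisherName": "OtherSource"},
    {"EventNumber": 38, "PublisherName": "TermServLicensing"},
]

if __name__ == "__main__":
    print(covered_event_ids())
    for ev in SAMPLE_EVENTS:
        print(ev, decode_event_number(ev["EventNumber"]), rule_matches(ev))
```

The second sample shows that the bare value 10 does not satisfy the pattern: events 10 to 13 match only in their full signed form, while 26 and 38 match as plain IDs.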