Terminal Server Licensing failed to start due to a cryptography error. This causes the terminal server to stop accepting connections.
This rule covers the following event IDs: 0, 3, 5, 7, 12, 22, 25, 39
Other Information:
The event IDs described in this topic apply to Windows® 2000 Server and Windows Server™ 2000 operating systems.
Possible causes include:
Event 0: Terminal Server Licensing cannot acquire Crypt Context because of corrupted certificates.
Event 3: Terminal Server Licensing cannot create a public and private key pair because of corrupted certificates.
Event 5: Terminal Server Licensing cannot export a key because of corrupted certificates
Event 7: Terminal Server Licensing cannot load the server’s certificate.
Event 12: Terminal Server Licensing cannot initialize cryptographic key.
Event 22: The license server cannot load the key for Terminal Server Licensing.
Event 25: Terminal Server Licensing cannot generate Terminal Server Licensing ID.
Event 39: Terminal Server Licensing cannot generate new public and private keys because of corrupted certificates.
Possible resolutions include:
Events 0, 3, 5, 7, 12, 22, 39:
(Microsoft® Windows Server 2000 operating systems only) Verify that crypt32.dll has installed correctly. Check Event Viewer for errors related to crypt32.dll. If errors are found, reinstall Terminal Server Licensing and contact the Microsoft Clearinghouse to reissue license packs. Access the Microsoft Clearinghouse through the Terminal Server Licensing administrative tool.
Delete the MSLicensing key on the client computer:
Log on to the client computer.
Open Registry Editor.
Caution: Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.
Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing
Back up the registry file before editing it using the Export command. If you are running a Windows 2000 Server operating system, click Export on the Registry Editor File menu. Or, if you are running a Windows 2000 Server operating system, click Export Registry File on the Registry menu.
In the File name box, type mslicensingbackup, and then click Save.
To restore this registry key in the future, double-click the Mslicensingbackup.reg file that you saved in this step.
On the Edit menu, click Delete, and then click Yes to confirm the deletion of the MSLicensing registry subkey.
Close Registry Editor, and then restart the computer.
The Microsoft® Windows® operating system rebuilds the missing registry key when you restart your computer.
Delete X509 certificate registry keys on the terminal server:
Open Registry Editor.
Caution: Incorrectly editing the registry might severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.
Locate and then click the following registry subkey:
HKLM\SYSTEM\CurrentControlSet\Services\TermServices\Parameters
Back up the registry file before editing it using the Export command. If you are running a Windows 2000 Server operating system, click Export on the Registry Editor File menu. Or, if you are running a Windows 2000 Server operating system, click Export Registry File on the Registry menu..
Type exported-parameters in the File name box, and then click Save.
To restore this registry subkey in the future, double-click the Exported-parameters.reg file that you saved in this step.
Under the Parameters registry subkey, right-click each of the following values, click Delete, and then click Yes to confirm the deletion:
Certificate
X509 Certificate
X509 Certificate ID
Close Registry Editor, and then restart the server.
Reactivate Terminal Server Licensing by using the Telephone connection method in the Licensing Wizard.
Restart the server.
If you activate Terminal Server Licensing by using the Telephone option, Terminal Server Licensing uses a different form of certificate.
Event 25: Registry key HKLM\Software\Windows NT\CurrentVersion\ProductID is not correctly configured.
Verify that the correct product ID is entered in this registry key. The Product ID is located on the General tab of the System Properties dialog box. You can open the System Properties dialog box either by right-clicking on My Computer and clicking Properties, or opening System in the Windows Control Panel.
| Target | Microsoft.Windows.Server.2000.TerminalServicesLicensingServerRole | ||
| Category | EventCollection | ||
| Enabled | True | ||
| Event Source | TermServLicensing | ||
| Alert Generate | True | ||
| Alert Severity | Error | ||
| Alert Priority | Normal | ||
| Remotable | True | ||
| Alert Message |
| ||
| Event Log | System | ||
| Comment | Mom2005ID='{349D4A1D-D9A3-43C8-8BEA-D04CCBC437B6}' |
| ID | Module Type | TypeId | RunAs |
|---|---|---|---|
| Event_Data_Source | DataSource | Microsoft.Windows.EventProvider | Default |
| GenerateAlert | WriteAction | System.Health.GenerateAlert | Default |
Home<Rule ID="LS_failed_to_start_due_to_cryptography_error_2000" Target="Microsoft.Windows.Server.2000.TerminalServicesLicensingServerRole" Enabled="onEssentialMonitoring" Remotable="true" Comment="Mom2005ID='{349D4A1D-D9A3-43C8-8BEA-D04CCBC437B6}'">
<Category>EventCollection</Category>
<DataSources>
<DataSource ID="Event_Data_Source" TypeID="Windows!Microsoft.Windows.EventProvider">
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>System</LogName>
<Expression>
<And>
<Expression>
<RegExExpression>
<ValueExpression>
<XPathQuery>EventNumber</XPathQuery>
</ValueExpression>
<Operator>MatchesMOM2005RegularExpression</Operator>
<Pattern>^(-1073676276|-1073676266|-1073676263|-1072627712|-1072627709|-1072627707|-1072627705|39)$</Pattern>
</RegExExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery>PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value>TermServLicensing</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</DataSource>
</DataSources>
<WriteActions>
<WriteAction ID="GenerateAlert" TypeID="SystemHealth!System.Health.GenerateAlert">
<Priority>1</Priority>
<Severity>2</Severity>
<AlertOwner>$Data/PublisherName$</AlertOwner>
<AlertMessageId>$MPElement[Name="LS_failed_to_start_due_to_cryptography_error_2000.AlertMessage"]$</AlertMessageId>
<AlertParameters>
<AlertParameter1>$Data/EventDescription$</AlertParameter1>
</AlertParameters>
<Suppression>
<SuppressionValue/>
</Suppression>
</WriteAction>
</WriteActions>
</Rule>