none
Could not obtain information about Windows NT group/user .......error code 0x534...

    Question

  • == I asked this question directly to Remus and wanted to share the response to all of those people using this forum ==

    We recently moved our database server from SQL Server 2000 to SQL Server 2005. All applications on our intranet development server stay the same [VS.NET 2003], but recently resources in our Dev DB server ran out of space. While doing a thorough investigation, I noticed ERRORLOG file was occupying about 35 Gig of HDD space. I immediately checked SQL Server error log and noticed an entry which says –

    ===========================================================================================

    Date                 7/7/2006 4:45:37 PM

    Log                   SQL Server (Current - 7/7/2006 4:45:00 PM)

    Source              spid77s

    Message

    The activated proc [dbo].[SqlQueryNotificationStoredProcedure-5eaf8465-d0cb-4be7-93b6-44bb979dd41c] running on queue BW_Content.dbo.SqlQueryNotificationService-5eaf8465-d0cb-4be7-93b6-44bb979dd41c output the following:  'Could not obtain information about Windows NT group/user 'BWCINC\HoffK', error code 0x534.'

    ===========================================================================================

    What is this SqlQueryNotificationService in my database? Is it a SQL Server 2005 thing? Why the same kind of stored procedure does not exist in other databases, but BW_Content? This error is getting repeated most probably every second and is filling up our server.

     I believe our corporate IT people removed our domain accounts from BWCINC domain to BWCORP domain and probably some application which is using BWCINC\HoffK credential is getting errored out. I tried to locate this application and was not successful.

     Is there anyway that I can stop this ERRORLOG from growing? How can I delete these log entries so that I can make space on our Hard Drive? Is there an easy way in SQL Server 2005 to locate which application is creating this error?

    Response from Remus:

    The 'SqlQueryNotificationService-...' is the service created by SqlDependency when you call SqlDependency.Start (). The problem you describe appears because the 'dbo' user of the database is mapped to the login that originally created this database. The SqlDependency created queue has an EXECUTE AS OWNER clause, owner is 'dbo' and therefore this is equivalent to an EXECUTE AS USER = 'dbo'. The error you see is reported by the domain controller when asked to give information about the original account 'dbo' mapps to (that is, BWCINC\HoffK'): Error code: (Win32) 0x534 (1332) - No mapping between account names and security IDs was done.
     
    To solve the issue, change 'dbo' to match a correct login, using either sp_changedbowner or ALTER AUTHORIZATION ON DATABASE::[dbname] TO [somavalidlogin]
    To find the databases that have this problem, run this query:

    select name, suser_sname(owner_sid) from sys.databases

    The databses that have the problem will show NULL on the second column.
     
    To remove the entries, use sp_cycle_errorlog to force a new errorlog file, then delete the huge log file.
    ---------------------------------------
     
    I executed ALTER AUTHORIZATION ON DATABASE::[BW_Content] TO [sa];
     
    I got this error in SQL Error Log once and the growth of ERRORLOG was stopped.
    ===============================================================
    Date                         7/10/2006 1:16:55 PM
    Log                          SQL Server (Current - 7/10/2006 1:17:00 PM)
    Source                    spid20s
     
    Message

    The query notification dialog on conversation handle '{6BDE95F7-0EFB-DA11-9064-000C2921B41B}.' closed due to the following error: '<?xml version="1.0"?><Error xmlns="http://schemas.microsoft.com/SQL/ServiceBroker/Error"><Code>-8490</Code><Description>Cannot find the remote service &apos;SqlQueryNotificationService-c15bb868-ed56-47d2-bf91-ce18b320989a&apos; because it does not exist.</Description></Error>'.
    ===============================================================
     
    Should I be concerned about this error?
     
    Thanks
    -Binoy
    Monday, July 10, 2006 6:53 PM

Answers

  •  Binoy Sankar wrote:

    I got this error in SQL Error Log once and the growth of ERRORLOG was stopped.
    ===============================================================
    Date                         7/10/2006 1:16:55 PM
    Log                          SQL Server (Current - 7/10/2006 1:17:00 PM)
    Source                    spid20s
     
    Message

    The query notification dialog on conversation handle '{6BDE95F7-0EFB-DA11-9064-000C2921B41B}.' closed due to the following error: '<?xml version="1.0"?><Error xmlns="http://schemas.microsoft.com/SQL/ServiceBroker/Error"><Code>-8490</Code><Description>Cannot find the remote service &apos;SqlQueryNotificationService-c15bb868-ed56-47d2-bf91-ce18b320989a&apos; because it does not exist.</Description></Error>'.
    ===============================================================
     
    Should I be concerned about this error?
     
    Don't worry abouyt it. The error means that the client disconnected and the temporary service was dropped before the notification was fired.
     
    Thanks,
    ~ Remus
    Monday, July 10, 2006 7:56 PM
    Moderator

All replies

  • Thanks for sharing this!
    Monday, July 10, 2006 7:53 PM
    Moderator
  •  Binoy Sankar wrote:

    I got this error in SQL Error Log once and the growth of ERRORLOG was stopped.
    ===============================================================
    Date                         7/10/2006 1:16:55 PM
    Log                          SQL Server (Current - 7/10/2006 1:17:00 PM)
    Source                    spid20s
     
    Message

    The query notification dialog on conversation handle '{6BDE95F7-0EFB-DA11-9064-000C2921B41B}.' closed due to the following error: '<?xml version="1.0"?><Error xmlns="http://schemas.microsoft.com/SQL/ServiceBroker/Error"><Code>-8490</Code><Description>Cannot find the remote service &apos;SqlQueryNotificationService-c15bb868-ed56-47d2-bf91-ce18b320989a&apos; because it does not exist.</Description></Error>'.
    ===============================================================
     
    Should I be concerned about this error?
     
    Don't worry abouyt it. The error means that the client disconnected and the temporary service was dropped before the notification was fired.
     
    Thanks,
    ~ Remus
    Monday, July 10, 2006 7:56 PM
    Moderator
  • I seem to be having a simliar issue but can't get it resolved by suggestions I have found on the net.

     

    Basically I am running a SQL Server on a Domain that uses windows authentication.

    The Instance is started up under "localsystem" and the database owner is "sa".

     

    I still get a large amounts of errors like this one every 5 seconds.

    "The activated proc [DOMAIN\user].[SqlQueryNotificationStoredProcedure-d4dcc6af-2241-4bbe-8b17-ac110cd9065a] running on queue MetaDB.DOMAIN\user.SqlQueryNotificationService-d4dcc6af-2241-4bbe-8b17-ac110cd9065a output the following: 'Could not obtain information about Windows NT group/user 'DOMAIN\user', error code 0x5."

     

    Is there anything that I am missing for authentication.

     

    Monday, December 10, 2007 11:36 AM
  • Error code 0x5 is ACCESS_DENIED. Make sure the SQL Server service account is allowed to connect to the Active Directory of 'DOMAIN'.
    • Proposed as answer by MarcosLeRosa Friday, August 10, 2012 2:09 PM
    Monday, December 10, 2007 12:06 PM
    Moderator
  • Thanks for the info,

     

    In a high security environment, would it then be better to use a Domain User athe the service account and if so what access would be needed to be applied to the account to allow the querying of the Domain?

     

     

    Monday, December 10, 2007 12:35 PM
  • What is your current service account?
    Normally a domain account wouldn't require anything special in the AD to be able to interogate it.
    Monday, December 10, 2007 1:38 PM
    Moderator
  • At the moment I am running it as "LocalSystem", I have also tried as "NetworkService"

     

    I have also tried to run it under my domain userid that is part of "Domain Users" so I am a bit confused as to why I would be getting No access errors.

     

    Other than setting the Owner of the database to "sa" is there anything else needed on the database side that needs to be set.

     

    Monday, December 10, 2007 3:31 PM
  • No, setting the changing the database owner will make no difference since the procedure is already running under a specific schema (as per the error message). You need to ask you domain admin to assist you on the problem since LocalSystem and NetworkService both authenticate with AD as 'domain\machine$' and domain\user also should work, so it seems like the domain has locked down lookup access to some valid accounts. Are we talking here about one single domain or different domains?
    Monday, December 10, 2007 4:05 PM
    Moderator
  • currently it is one single domain.

     

    • Proposed as answer by Edwin Chan Thursday, January 12, 2012 3:39 AM
    • Unproposed as answer by Edwin Chan Thursday, January 12, 2012 3:39 AM
    Monday, December 10, 2007 4:41 PM
  • I have noticed that there are about 40 stored procedures named [DOMAIN\user].[SqlQueryNotificationStoredProcedure-(guid)].

     

    Should there be so many, what generates them and when do they get cleaned up. Is there any way of manually cleaning them up.

    Friday, December 14, 2007 9:16 AM
  • Remus,

     

    With further investigations it seems that there are a number of these notifications that have been "Orphaned" and have not been removed out of the system.

    Is there any way to clear the Procedures, Services and Queues that have been "Orphaned".

     

    Monday, January 21, 2008 11:38 AM
  • Check that the account the you are using for the sql server agent isn't "Locked out" !!
    Friday, February 12, 2010 5:47 PM
  • Hi all,

     

    We had the same problem, but in our case all problems start when the customer change the server name, several job became broken.

     

    The major problem was found when we run a job that send a server report every day throught email. When started sp_send_dbmail proc we receive the message "Error formatting query, probably invalid parameters", but if the same code is executed in a query window it is executed successful.

     

    To solve the problem I put an "EXECUTE AS LOGIN = 'WindowsLoginName' " before the sp_send_dbmail.

     

    This "WindowsLoginName" is a sysadmin.

     

    Best Regards,

     

    Alexandre Von Mühlen

    MCSE/MCT/MCDBA/MCITP:DBAdmin SQL Server 2005 / 2008


    Classifiquem as respostas. O Fórum agradece!! This posting is provided "AS IS" with no warranties, and confers no rights.
    Tuesday, September 28, 2010 6:43 PM
  • Hello Binoy and all,

    thanks for solution. Changed owner to 'sa', and it works!

    Just want to add for googlers that this solution in my case also resolved the error when System Center Essentials 2010 ( SCE 2010 ) and possibly earlier versions hang indefinetily on "Discovery is in progress" when trying to discover computers on the network.

    Best regards

    Andrzej

    Thursday, October 28, 2010 12:33 PM
  • Also look to be sure there isn't a restrictive read policy in your AD of one service account against the other. This seems to be the cause of similar issues we have seen in our (locked down) AD environment.
    Friday, October 28, 2011 4:31 PM
  • I know it is an old thread, but who can interest, this error code was due the error mentioned by Remus Rusanu.

    Marcos Leandro Rosa

    Friday, August 10, 2012 2:10 PM
  • I came across the same problem when I installed SCOM 2012 SP1 and discovery process was running forever. I found the error code in even viewer

    An exception occurred while enqueueing a message in the target queue. Error: 15404, State: 19. Could not obtain information about Windows NT group/user 'Domain\ScomDa', error code 0x5.

    That is the permission issue problem and I resolved it to add user to sysadmin role. You can follow the below steps to do it

    1. Run SQL Server Management Studio

    2. Connect to server with 'sa' or owner of the server

    3. Under Security -> Logins find the user; in my case Domain\ScomDa

    4. Select the user, right click and select properties

    5. on Login Properties select Server Roles tab

    6. Under server roles select sysadmin.

    7. Restart SQL service, SQL Agent Service and Reporting and Analysis services if installed.

    It will fix SCOM discovery problem as well as eliminate the error message.

    Thanks.


    • Edited by -IK Wednesday, May 15, 2013 12:42 AM
    • Proposed as answer by Alshukri Tuesday, November 04, 2014 7:49 AM
    Wednesday, May 15, 2013 12:41 AM
  • Thanks Alot,

    I had the same problem and the discovery of scom 2012 R2 was going for ever until i did the steps above and it worked. it took me 3 days for only this issue.

    Thanks,

    Mahmood AlShukri

    Tuesday, November 04, 2014 7:48 AM
  • I had a similar issue.

    All I did was identify the sharepoint job running through sql agent and change the owner of the job to sa.

    Hope this helps!!

    Monday, February 23, 2015 2:38 PM