Archive for September, 2009

NULL SID Error (Event ID: 4625) and Application Pool Identity

September 18th, 2009 4 comments


  • Environment:A medium server farm.
  • Identity:A brand new custom domain account with no special permissions assigned.
  • Action : Assigning the domain account as the application pool identity when creating a new Web application.
  • Error Message: Invalid Username or password.
  • Point of confusion: The same credentials work like a champ when logging to a test box in the domain. I can also add the user to a SharePoint group.
  • Event Log and ULS Log : Nope,nothing!
  • Googling (mmmm…Binging) : No dice!

Steps to find the real error:

  • Tried a simpler password by taking out the “!” because I was aware of some issues with usual culprits -%,&,$ etc used in app pool password.
  • Added  the user to a test site and tried to login – Yup… the user can NOT login to any SharePoint sites ; so there was something wrong! DUH!
  • Checked the Event log and that was where the following nasty little error rears its ugly head all over.This event was generated when actual logon request of the last step failed not when the central admin “Create or extend Web Application” was throwing “invalid username or password”. It was generated on the WFE where access was attempted.
  1. Log Name: Security
  2. Source: Microsoft-Windows-Security-Auditing
  3. Date: 18.09.2009 12:34:06
  4. Event ID: 4625
  5. Task Category: Logon
  6. Level: Information
  7. Keywords: Audit Failure
  8. User: N/A
  9. Computer:
  10. Description:
  11. An account failed to log on.
  13. Subject:
  14. Security ID: NULL SID
  15. Account Name: -
  16. Account Domain: -
  17. Logon ID: 0x0
  18. ....

Resolution (or Workaround!):

  • Deleted the account and recreated it.
Categories: MOSS 2007 Tags: