NULL SID Error (Event ID: 4625) and Application Pool Identity
Issue:
- Environment: A medium server farm.
- Identity: A brand new custom domain account with no special permissions assigned.
- Action: Assigning the domain account as the application pool identity when creating a new Web application.
- Error Message: Invalid Username or password.
- Point of confusion: The same credentials work like a champ when logging in to a test box in the domain. I can also add the user to a SharePoint group.
- Event Log and ULS Log: Nope, nothing!
- Googling (mmmm…Binging): No dice!
Steps to find the real error:
- Tried a simpler password by taking out the “!” because I was aware of some issues with the usual culprits (%, &, $, etc.) used in app pool passwords.
- Added the user to a test site and tried to log in – Yup… the user can NOT log in to any SharePoint sites; so there was something wrong! DUH!
- Checked the Event log, and that was where the following nasty little error reared its ugly head all over. This event was generated when the actual logon request of the last step failed, not when the central admin “Create or extend Web Application” was throwing “invalid username or password”. It was generated on the WFE where access was attempted.
- Log Name: Security
- Source: Microsoft-Windows-Security-Auditing
- Date: 18.09.2009 12:34:06
- Event ID: 4625
- Task Category: Logon
- Level: Information
- Keywords: Audit Failure
- User: N/A
- Computer: xxx.ch
- Description:
- An account failed to log on.
- Subject:
- Security ID: NULL SID
- Account Name: -
- Account Domain: -
- Logon ID: 0x0
- ....
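The event quoted above is cut off before its Failure Information fields, which is where a 4625 record carries the Status and SubStatus codes that say why the logon failed. As an added example (not part of the original post), this PowerShell function pulls the target account, logon type and those codes out of a 4625 event's XML; the function name, the sample event and the account CONTOSO\svc_apppool are constructed for illustration.

```powershell
# Added example. NTSTATUS values that appear in the SubStatus field of event 4625.
$SubStatusText = @{
    '0xc0000064' = 'User name does not exist'
    '0xc000006a' = 'Wrong password'
    '0xc0000071' = 'Password expired'
    '0xc0000072' = 'Account disabled'
    '0xc000015b' = 'Logon type not granted on this machine'
    '0xc0000193' = 'Account expired'
    '0xc0000224' = 'User must change password at next logon'
    '0xc0000234' = 'Account locked out'
}

function ConvertFrom-FailedLogonXml {   # hypothetical helper name
    param([Parameter(Mandatory, ValueFromPipeline)][string]$EventXml)
    process {
        # Flatten <Data Name="...">value</Data> elements into a lookup table.
        $data = @{}
        foreach ($d in ([xml]$EventXml).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
        $sub = "$($data['SubStatus'])".ToLower()
        [pscustomobject]@{
            SubjectSid = $data['SubjectUserSid']   # S-1-0-0 is the NULL SID
            Target     = '{0}\{1}' -f $data['TargetDomainName'], $data['TargetUserName']
            LogonType  = $data['LogonType']
            Status     = $data['Status']
            SubStatus  = $sub
            Reason     = if ($SubStatusText.ContainsKey($sub)) { $SubStatusText[$sub] } else { 'Unmapped code' }
        }
    }
}

# Constructed sample event, trimmed to the fields used above.
$sample = @'
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><EventID>4625</EventID></System>
  <EventData>
    <Data Name="SubjectUserSid">S-1-0-0</Data>
    <Data Name="TargetUserName">svc_apppool</Data>
    <Data Name="TargetDomainName">CONTOSO</Data>
    <Data Name="Status">0xc000006d</Data>
    <Data Name="SubStatus">0xc000006a</Data>
    <Data Name="LogonType">3</Data>
  </EventData>
</Event>
'@
$sample | ConvertFrom-FailedLogonXml

# Live use on the WFE from an elevated prompt:
# Get-WinEvent -FilterHashtable @{LogName='Security'; Id=4625} -MaxEvents 20 |
#     ForEach-Object { $_.ToXml() } | ConvertFrom-FailedLogonXml
```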
Resolution (or Workaround!):
- Deleted the account and recreated it.