Windows 2008 R2 - Source: Schannel, EventID: 36888, Task: lsass.exe
Hi, i have installed on the Windows Server 2008 R2 a Exchange 2010 and after i switch this Server to the front (OWA and Outlook Anywhere) i got every secound this error in the eventlog. i think this Problem must have a contact with IIS and RPC over HTTP or the OWA, but everything works fine, so i don't find a direct Problem, only the Eventlog will be flooded. - <Event xmlns=""> - <System> <Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" /> <EventID>36888</EventID> <Version>0</Version> <Level>2</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x8000000000000000</Keywords> <TimeCreated SystemTime="2010-06-21T11:51:40.956846100Z" /> <EventRecordID>4086</EventRecordID> <Correlation /> <Execution ProcessID="496" ThreadID="6304" /> <Channel>System</Channel> <Computer>EXCHANGE2010.domain.local</Computer> <Security UserID="S-1-5-18" /> </System> - <EventData> <Data Name="AlertDesc">10</Data> <Data Name="ErrorState">1203</Data> </EventData> </Event> kind regards Alex
June 21st, 2010 10:22am

Hello OPERATOR76, Typically, this error may result from an SSL/TLS problem. Please have a look at this thread: Schannel Fatal Alert Error 48 Best regards, Harry This posting is provided "AS IS" with no warranties, and confers no rights.
Free Windows Admin Tool Kit Click here and download it now
June 21st, 2010 5:41pm

Hello, i think the Problem can be the woldcard certificate for smtp, iss, pop and imap. the console told me, a wildcard certificate can not be used, so i use now the servercertificat itself and i'am waiting now for the next error in the eventlog, if there is no tomorrow i think i fixed it with this setting. My Wildcard certificat looks like this: AccessRules : {System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAccessR ule, System.Security.AccessControl.CryptoKeyAccessRule, System.Security.AccessControl.CryptoKeyAcc essRule} CertificateDomains : {*} HasPrivateKey : True IsSelfSigned : False Issuer : OU=Equifax Secure Certificate Authority, O=Equifax, C=US NotAfter : 28.03.2011 15:52:20 NotBefore : 27.12.2007 15:52:20 PublicKeySize : 1024 RootCAType : ThirdParty SerialNumber : 011001 Services : IIS, SMTP Status : Valid Subject : CN=*, OU=IT, O=My Comany, L=xxxx, S=xxxx, C=AT Thumbprint : xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
June 24th, 2010 12:06pm

i have the same error allready and the change of the certificates doesn't help.
Free Windows Admin Tool Kit Click here and download it now
June 28th, 2010 4:35am

Signing into Lync connected to Office 365 causes the issue. I reproduced the problem several times by exiting and then starting and by signing out and signing into Lync Online. The Process ID indicates LSASS.EXE but the problem is caused by Lync. Log Name: System Source: Schannel Date: 11/3/2012 2:48:34 PM Event ID: 36888 Task Category: None Level: Error Keywords: User: SYSTEM Computer: Mitch-PC Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10. Event Xml: <Event xmlns=""> <System> <Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" /> <EventID>36888</EventID> <Version>0</Version> <Level>2</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x8000000000000000</Keywords> <TimeCreated SystemTime="2012-11-03T20:48:34.424489500Z" /> <EventRecordID>52839</EventRecordID> <Correlation /> <Execution ProcessID="716" ThreadID="7500" /> <Channel>System</Channel> <Computer>Mitch-PC</Computer> <Security UserID="S-1-5-18" /> </System> <EventData> <Data Name="AlertDesc">10</Data> <Data Name="ErrorState">10</Data> </EventData> </Event>
November 3rd, 2012 5:03pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics