Home  /  Microsoft  /  Event 2436 for SharePoint Services 3 Search

Event 2436 for SharePoint Services 3 Search

Written by
Microsoft Leave a Comment

You may experience SharePoint Search issue when browsing http://companyweb on SBS 2008 server and specifically, you are seeing below 2436 errors in your Application event log every several minutes.

Log Name:      Application
Source:        Windows SharePoint Services 3 Search
Date:          4/29/2009 4:20:05 PM
Event ID:      2436
Task Category: Gatherer
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      server.domain.local
Description:
The start address <sts3s://remote.Domain.com:987/contentdbid={d4078aab- ce82-4581-8d4f-973e1e6eac23}> cannot be crawled.

Context: Application ‘Search index file on the search server’, Catalog ‘Search’

Details:
Access is denied. Check that the Default Content Access Account has access to this content, or add a crawl rule to crawl this content.   (0x80041205)

Cause

You receive above warning events because WSS3.0 Search service is trying to crawl the WSS content via the URL – remote.domain.com, which is mentioned in above event. Windows Server 2008 includes a loopback check security feature that is designed to help prevent reflection attacks on your computer. Therefore, Kerberos authentication on Default Content Access Account fails if this URL does not match the local computer name and is not registered in system as additional Service Principle Name (SPN).

Resolution

To resolve this issue, it is recommended to manually register the URL in your system, or even disable the Loopback check feature. To register this URL, please use the following steps,

Note: We recommend that you use this method.

  1. Click Start, click Run, type regedit, and then click OK.
  2. In Registry Editor, locate and then click the following registry key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0
  3. Right-click MSV1_0, point to New, and then click Multi-String Value.
  4. Type BackConnectionHostNames, and then press ENTER.
  5. Right-click BackConnectionHostNames, and then click Modify.
  6. In the Value data box, type the URL mentioned in the above warning event, and then click OK.
  7. Quit Registry Editor, and then restart the IIS service.

If you want to disable Loopback Check feature to work around this issue, please refer to the Method 2 in the following KB article

896861 You receive error 401.1 when you browse a Web site that uses Integrated Authentication and is hosted on IIS 5.1 or IIS 6

More Information

WSS3.0 Search service crawls the WSS content by default Alternate Access Mapping Zone. Not like normal WSS 3.0 website, which uses http://SiteName as the default Alternative Access Mapping, SBS 2008 server uses https://remote.domain.com:987as the default Zone. This is by design, and we do not recommend changing it to http://companyweb, as it may break the SBS specific settings.

clip_image002

Additionally, changing the Default Content Access Account for content crawl is NOT officially supported method to work around this issue, as it has not been tested and can cause other potential issues.

Source : http://blogs.technet.com/b/sbs/archive/2009/05/07/event-2436-for-sharepoint-services-3-search.aspx

Related articles:

Disclaimer.
The information in this article is provided “AS IS” with no warranties, and confers no rights. This article does not represent the thoughts, intentions, plans or strategies of my employer. It is solely my opinion.

Marco

Marco works for ViaData as a Senior Technical Consultant. He has over 15 years experience as a system engineer and consultant, specialized in virtualization. VMware VCP4, VCP5-DC & VCP5-DT. VMware vExpert 2013, 2014,2015 & 2016. Microsoft MCSE & MCITP Enterprise Administrator. Veeam VMSP, VMTSP & VMCE.

Copyright © 2009-2020 The virtual world of Marc O'Polo