"Message Number 32777" Error Message When You Try to Activate Windows Server 2003 Over the Internet (816897)
The information in this article applies to:
- Microsoft Windows Server 2003, 64-Bit Datacenter Edition
- Microsoft Windows Server 2003, 64-Bit Enterprise Edition
- Microsoft Windows Server 2003, Datacenter Edition
- Microsoft Windows Server 2003, Enterprise Edition
- Microsoft Windows Server 2003, Standard Edition
- Microsoft Windows Server 2003, Web Edition
- Microsoft Windows Small Business Server 2003, Standard Edition
- Microsoft Windows Small Business Server 2003, Premium Edition
SYMPTOMSWhen you try to activate Windows Server 2003 over the Internet, Windows Product Activation may be unsuccessful and you may experience the following issues: Windows Product Activation is unsuccessful whether or not you enter your user name and password. CAUSEThis issue occurs if both of the following conditions are true: - Microsoft Internet Explorer's Enhanced Security Configuration is enabled on the server.
-and- - You connect to the Internet through a proxy server where Basic Authentication is enabled.
The Internet Explorer Enhanced Security Configuration (also known as Internet Explorer hardening) uses certificate revocation. This certificate revocation lookup process involves a URL retrieval operation. In this case, the URL retrieval goes through the proxy server and occurs outside the explicit context of the logged-on user. Therefore, Basic Authentication mistakenly prompts you for a user account name and password. As the user, you are typically not aware that certificates are being validated, and you may be prompted repeatedly during the validation of a series of certificates. WORKAROUNDTo work around this issue, use one of the following methods. Note The following methods are listed in the order of the most preferred to least preferred, with the most preferred method appearing first. Method 1: Do Not Use Basic AuthenticationAvoid using Basic Authentication on the proxy server. If you must use Basic Authentication, exclude the URLs for the certificate revocation lists (CRLs) from the requirement for basic authentication. To do this, configure the following list of CRLs to be unauthenticated on the proxy server: - http://crl.microsoft.com/pki/crl/productsMicrosoftProductSecureServer.crl
- http://crl.microsoft.com/pki/crl/products/MicrosoftProductSecureCommunications.crl
- http://crl.microsoft.com/pki/crl/products/MicrosoftRootAuthority.crl
- http://www.microsoft.com/pki/crl/productsMicrosoftProductSecureServer.crl
- http://www.microsoft.com/pki/crl/products/MicrosoftProductSecureCommunications.crl
- http://www.microsoft.com/pki/crl/products/MicrosoftRootAuthority.crl
Method 2: Activate by Using the TelephoneIf you receive the error message described in the "Symptoms" section of this article when you try to activate Windows, click the Telephone button in the Activate Windows Wizard to activate Windows over the telephone. Method 3: Turn Off Certificate Revocation in Internet ExplorerTurn off certificate revocation in Internet Explorer to permit Windows activation to succeed. To do so, follow these steps. Note Microsoft recommends that you do not turn off certificate revocation in Internet Explorer. - Start Internet Explorer.
- On the Tools menu, click Internet Options.
- Click the Advanced tab, and then click to clear the following check boxes in the Settings list:
Check for publisher's certificate revocation Check for server certificate revocation (requires restart) - Click Apply, and then click OK.
- Quit and then restart Internet Explorer.
- Activate Windows.
- In Internet Explorer, click Internet Options on the Tools menu.
- Click the Advanced tab, and then click to select the following check boxes in the Settings list:
Check for publisher's certificate revocation Check for server certificate revocation (requires restart) - Click Apply, and then click OK.
- Quit and then restart Internet Explorer.
Modification Type: | Minor | Last Reviewed: | 6/30/2004 |
---|
Keywords: | kberrmsg kbprb KB816897 |
---|
|
|
©2004 Microsoft Corporation. All rights reserved.
|
|