SYMPTOMS

When authenticating within the web mail interface using the Windows authentication method the authentication fails on a Microsoft Windows 2000 operating system.

The following error is presented within the Windows event log viewer:

The description for Event ID ( 10000 ) in Source ( MailEnable ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. The following information is part of the event: MailEnable Authentication TD Provider error: 1314, Windows Authentication for User (username) on Domain () failed with error (1314): A required privilege is not held by the client. SE_TCB_NAME and SE_CHANGE_NOTIFY_NAME rights may be required.

CAUSE

The ASPNET account does not have the local machine policy to "Act as part of the operating system".

RESOLUTION

Navigate within windows to the following location: Administrative tools>Local Security Settings.

1. Expand: security settings>Local Policies
2. Click on "User Rights Assignment".
3. In the right hand pane locate the following policy "Act as part of operating system" and right click and select "security".
4. Click on "add" and add the "ASPNET" account.
5. Assign the account "Local Policy Setting" and "Effective Policy Setting".
6. Restart IIS for the changes to take effect.

More information: http://support.microsoft.com/kb/315736