Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

problem MSMQ between AD and Workgroup

107 views
Skip to first unread message

Ludovic

unread,
Apr 3, 2009, 9:30:01 AM4/3/09
to

Hello,

I have a problem (setup/using) of MSMQ which I can not solve. I hope someone
can point me to solve it? Here is my case:

- I have a windows server 2003 SP1 Standard Edition (1), linked to an Active
Directory, which I installed with 2 private MSMQ Queues

- I have a second server Windows 2003 SP1 Web Edition (2), which is not
bound to AD and is therefore part of a Workgroup.

This is for safety reasons, the second server will be used through a
webservice to communicate with an ERP, which is on my first server and a web
interface.

I created a small VB application to test MSMQ that I run from my server (2),
the problem is that I return every time the following error message:

"User's Internal Message Queuing certificate does not exist"

I know that MSMQ uses the SID and certificate to construct and post messages
in the queues. I first try to set up MSMQ directly on my server 2, in
Workgroup mode, but I had exactly the same error message. So I thought I
install on the server bound to AD and it will be recorded on the
corresponding user certificate. But the problem is the same. I think that
since the message is sent from my server 2, it transmits it through a
workgroup user who does not move the certificate? So do not agree on MSMQ on
the other side.

After spending 2 days to search information on the web by forums posts and
other technicals website, testing in all directions by changing the service
users and other security rights, I begin to lose hope and turn to use this
service. As is essential for this project, I post a question on this forum.

I hope someone can help me to solve this point. It's very important !

in advance thank you for your help.

For info, if I change my application launches and VB on the server 1,
everything works fine. I really need to communicate between 2 servers. One
with AD and other in Workgroup. Or in last case to put msmq on workgroup
server (2)

Thanks

John Breakwell (MSFT)

unread,
Apr 14, 2009, 2:02:45 PM4/14/09
to
Hi Ludovic,

I can't find any reference to the error message "User's Internal Message
Queuing certificate does not exist" but I expect it is the friendly
conversion of 0xC00E002F (MQ_ERROR_NO_INTERNAL_USER_CERT).

Are you trying to send authenticated messages?
This won't work as the workgroup machine does not have a certificate it can
use.

If you don't need authentication, un-tick the "Authenticated" box on the
queue's property page.
If you do need authentication, then you will need to obtain an external
certificate from somewhere and add some extra code to your application to
make use of it.

Cheers
John Breakwell (MSFT)


"Ludovic" <Lud...@discussions.microsoft.com> wrote in message
news:16FFB201-CCCA-489E...@microsoft.com...

0 new messages