Oct
30
2012

The prelogin packet used to open the connection is structurally invalid; Error: 17828

Found following error in SQL Server 2008 R2 error logs,

Error: 17828, Severity: 20, State: 4.

The prelogin packet used to open the connection is structurally invalid; the connection has been closed. Please contact the vendor of the client library. [CLIENT: <IP Address>]

Although various blogs and articles says that this is timeout error and generally be seen if your SQL Server is evaluation copy which got expired, but I didn’t found any of such reason exists in my environment, I followed another article post which resolved the issue, please take appropriate backups before following the solution below,

 

1. If you are on Windows Server 2003, then Go to C:\Documents and Settings\<sql startup account>\Application Data\Microsoft\Crypto\RSA\S-1-5-21-xxxxxx-xxxxx-xxxx-xxxxx (where “sql startup account” should be the name of your startup account for sql server)

Or

If you are on Windows Server 2008 and above, then go to C:\Users\<sql startup account>\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-xxxxxx-xxxxx-xxxx-xxxxx (where “sql startup account” should be the name of your startup account for sql server)

2. Backup and then delete any files in the S-1-5-21-xxxxxx-xxxxx-xxxx-xxxxx folder (but do not delete the folder)

3. Restart SQL Server”

 

There is another solution provided by Microsoft at following article http://msdn.microsoft.com/en-us/library/cc645913(v=sql.105).aspx , explanation provided as-is taken from link,

Explanation

The SQL Server computer was unable to process the client login packet. This may be because the packet was created improperly or because the packet was damaged during transmission. It can also be caused by the configuration of the SQL Server computer. The IP address listed is the address of the client computer.

More Information

When using Windows Authentication in a Kerberos environment, a client receives a Kerberos ticket that contains a Privilege Attribute Certificate (PAC). The PAC contains various types of authorization data including groups that the user is a member of, rights the user has, and what policies apply to the user. When the client receives the Kerberos ticket, the information contained in the PAC is used to generate the user’s access token. The client presents the token to the SQL Server computer as part of the login packet.

If the token was improperly created or damaged during transmission, SQL Server cannot offer additional information about the problem.

When the user is a member of many groups or has many policies, the token may grow larger than normal to list them all. If the token grows larger than the MaxTokenSize value of the server computer, the client fails to connect with a General Network Error (GNE) and error 17832 can occur. This problem may affect only some users: users with many groups or policies. When the problem is the MaxTokenSize value of the server computer, error 17832 in the SQL Server error log will be accompanied by an error with state 9. For additional details about the Kerberos and MaxTokenSize, see KB327825.

Resolution

To resolve this problem, increase the MaxTokenSize value of the server computer, to a size large enough to contain the largest token of any user in your organization. To research the correct token size for your organization, consider using the Tokensz application.

Note: Incorrectly editing the registry can severely damage your system. Before making changes to the registry, we recommend that you back up any valued data on the computer.

To change the MaxTokenSize on the server computer

  • On the Start menu, click Run.
  • Type regedit, and then click OK. (If the User Account Control dialog box appears, click Continue.)
  • Navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters.
  • If the MaxTokenSize parameter is not present, right-click Parameters, point to New, and then click DWORD (32-bit) Value. Name the registry entry MaxTokenSize.
  • Right-click MaxTokenSize, and then click Modify.
  • In the Value data box type the desired MaxTokenSize value.

Note:

Hexadecimal value ffff (decimal value 65535) is the maximum recommended token size. Providing this value would probably solve the problem, but could have negative computer-wide effects with regard to performance. We recommend that you establish the minimum MaxTokenSize value that allows for the largest token of any user in your organization and enter that value.

  • Click OK.
  • Close Registry Editor.
  • Restart the computer.

 

Hope this may help you to keep your error logs clean.

Download PDF

Related Posts

About the Author: Nitin G

Indian born, trekker, biker, photographer, lover of monsoons. I've been working full time with SQL Server since year 2005 and blogs to post the content aquired during my research on new topics or fixing issues faced by me as a DBA while working in different kind of projects, hope some of my posts may helps others in SQLDBA community. Everything you read on my blog is my own personal opinion and any code is provided "AS-IS" with no warranties!

1 Comment + Add Comment

  • […] The prelogin packet used to open the connection is … – Found following error in SQL Server 2008 R2 error logs, Error: 17828, Severity: 20, State: 4. The prelogin packet used to open the connection is structurally invalid … […]

Leave a comment

Subscribe to this blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 179 other subscribers

Translate this blog!

EnglishFrenchGermanItalianPortugueseRussianSpanish

Calender

June 2019
M T W T F S S
« Nov    
 12
3456789
10111213141516
17181920212223
24252627282930

View Post by Categories

%d bloggers like this: