SharePoint Services Search Error: Event ID 2424

by Kindler Chase 13. February 2008 00:00

Event ID 2424

Recently I've seen a new error in our SharePoint server's application log event viewer occur every 5 minutes (non-essential fields removed):

Event Type: Error
Event Source: Windows SharePoint Services 3 Search
Event Category: Gatherer
Event ID: 2424
Description: The update cannot be started because the content sources cannot be accessed. Fix the errors and try the update again.

Context: Application 'Search', Catalog 'index file on the search server Search'

Resolution

After some Googling I found that SharePoint Services Search error with Event ID 2424 is not all that uncommon. Many "resolutions" are provided; one in particular seemed quite prevalent: Change the SharePoint Services Search Service Settings for the Service Account to use the same account as the Content Access Account. I agree. That last sentence is not exactly easy to follow. In easy-to-follow terms:

  1. Log into Central Administration > Operations > Services on Server > click on Windows SharePoint Services Help Search.
  2. You should now be in Configure Windows SharePoint Services Search Service Settings on server XXXXXX.
    1. Update the "Service Account" to be the same account as the "Content Access Account".
    2. Scroll to the bottom of the page and click OK. You can see just above the OK button the Indexing Schedule; by default, this is set to every 5 minutes which is why the application event log had an Event ID 2424 every 5 minutes.
  3. I haven't taken the time to investigate whether you should just reset IIS or reboot the server once you've updated that account. In my case, I just rebooted the server.

As soon as I rebooted the server, the SharePoint Services Search error with Event ID 2424 disappeared.

Other Thoughts

I noticed that Event ID 2424 began around the time I installed the following WSS/MOSS security patches which came out prior to the SharePoint SP1 patch:

I'm going to make the assumption that this error will occur as soon as you install the SharePoint SP1 patch as well.

Common factors contributing to Event ID 2424:

  • The SharePoint environment uses multiple domain service accounts to manage SharePoint services.
  • Kerberos authentication is being used.
  • The WSS/MOSS updates previously mentioned have been applied and/or SharePoint SP1 has been applied.

Final Resolution

I wasn't completely satisfied with the above resolution since it required a change in our role-based architecture of our service accounts. After some pondering, I came up with the theory that the permissions on the Search Database (and possibly registry permissions) as defined in the Search Service Settings are modified for the "Service Account" when changing the user. If that is the case, then updating the "Service Account" to the original account should reset the permissions on the database (and registry settings if needed).

Once I was satisfied that Event ID 2424 was no longer prevalent after 3-4 days of usage using my original resolution of using the same account for the "Service Account" as the "Content Access Account", I changed the "Service Account" back to the original account and rebooted the server. Again, I waited a few days to see if Event ID 2424 was raised and low-and-behold it did not!

Conclusion

Somewhere along the line, the WSS/MOSS and/or SharePoint SP1 update(s) are modifying existing permissions… Shame on the updates.

I've read other posts whose resolution is to manually update the permissions on the database for the account(s) in question. Although their resolution may work, I feel it is safer and a better best-practice to allow SharePoint to update the permissions whenever possible.

Enjoy!

Comments

3/14/2008 4:00:53 PM #

Hi, you've said, you 'Update the "Service Account" to be the same account as the "Content Access Account"'. , but: which one? I am a newbie to that topic (have a sharepoint running on MS Windows Home Server) - my accounts a limited to 10, so I am careful in "wasting" accounts... Can I use my Admin-Acoount? Do I have to set up a special service account? Where do I define the rights? You see, I am a little bit lost somehow... After reading a lot about this issue - and how to fix it somehow - it is beginning to be more and more confusing. After all, I still have the 2424... And search is not working.
Peter

Peter Germany

3/19/2008 6:19:54 PM #

Peter,

Yes, you should have two separate accounts. One running the "service account", aka the 'search service' and one running the "content access account", aka the 'crawler service'.  

Navigate to Central Administration > Operations > Services on Server > click on Windows SharePoint Services Help Search (You should now be in Configure Windows SharePoint Services Search Service Settings on server XXXXXX). You will see a label on the left side: "service account". This is where you set up the account for the 'search service'. Just below that is where you set up the 'crawler service' account. Both accounts should be standard accounts without administrative rights. SharePoint will apply the appropriate permissions to each account as soon as you save the settings on the page.

I'm not familiar with Windows Home Server and I'm not even sure SharePoint will run properly on WHS. MS has released KB article 940882 that states: Installing Microsoft Windows SharePoint Services 3.0 on a Windows Home Server-based computer is currently not supported. http://support.microsoft.com/kb/940882

Check out my post on installing SharePoint and you should get a better understanding of the service accounts needed and how to use them:
www.raregrooverider.com/.../...ox-Environment.aspx

HTH's
::kindler::

Kindler Chase United States

5/13/2008 8:08:15 AM #

Thanks for this, just run through your instructions - very clear and easy to follow - thanks !

I assume it must be an update that causes this as i am still pressing our admins to install SP1!

Pete

Welsh Pete United Kingdom

5/13/2008 8:51:14 AM #

Pete,

My conclusion is the same as yours: the pre-SP1 security patches cause some type of permissions corruption. Be forewarned that installing SP1 will most likely cause similar permission errors (maybe even the same!).

::kindler::

Kindler Chase United States

6/3/2008 9:05:32 AM #

Kindler,

I am having no luck at all at shaking the 2424 Gatherer error. I set up 2 seperate non-admin accounts to run the Search and Crawl services...to no avail.

What about database permissions?  Are there any special considerations?

Thanks.

KMS  

kmspsu93 United States

6/3/2008 9:34:34 AM #

KMS,

The 2424 error you are seeing may be different than what I've described in the post. Verfiy that your 2424 error matches the description/context presented in the beginning of the post.

SP should be setting the permissions for you database whenever you set up your search/crawl settings. If not, then there may be a permissions error with the account running central administration. To verify you are using the proper accounts, see my comments in this post (3/10/2008 7:33:40 PM):
www.raregrooverider.com/.../...-Database-Name.aspx

Other than that, if you do want to manually update your database permissions, review the post I linked to at the end of this article in the conclusion section.

Cheers!
::kindler::

Kindler Chase United States

6/13/2008 2:04:11 PM #

That did the trick for me...

Actually I read the same solution in various blogs but yours was the first to be written in a coherent fashion.  Thanks

bob e United States

10/24/2008 8:46:24 AM #

Thanks for the article Kindler.
All the sudden, when I try to open Sharepoint 3.0 Central administration, I get "Service Unavailable".
Checked the log. Below is the Desc. (Just how you mentioned in your article)
Event Type: Error
Event Source: Windows SharePoint Services 3 Search
Event Category: Gatherer
Event ID: 2424
But again: I can not follow your solution since I can not even open my central admin.
I have reset the IIS. No luck! I've loged in as different account. still no luck!
Any soloution perhaps????

Thank you in advance.

Nancy Iran

10/24/2008 7:38:14 PM #

Hello Nancy,

If you are unable to even log into your SharePoint Central Admin, then my assuption is there are other problems that may be at the root of your errors. You may want to review my reply to "KMS" a few replies up and follow the directions there to ensure you have the proper accouts set up.

Cheers!
::kindler::

Kindler Chase United States

10/28/2008 7:53:19 AM #

Hi Kindler,
Thank you for your respond.
Just in case someone else has the same problem:
I finally figured out the problem was coming from Application pool infact. Although I had "resetiis" from command prompt, I didn't get any result. This time, I restarted the application pool as well as my local computer manually. Then it worked! central admin was viewable and the error was gone!

Nancy Iran

1/13/2009 12:52:53 PM #

Unfortunately, another individual set up the search service account and content access accounts, and I don't know what the password is for the Content Access Account.  Sharepoint is prompting me to enter the passwords for both to make updates to the page.

Can I simply:

1. Reset the password for the Content Access account on the PDC via Active Directory Users and Computers,
2. After updating Service Account to use the same account as the Content Access account, enter the new password in both places?

Will I need to change the password anywhere else, if I reset the Content Access Account password via the method I described above?

I found this hideously complicated and undecipherable page which details how to change service accounts and service account passwords, but I don't understand most of it:

http://support.microsoft.com/kb/934838

Thanks,
Nick

Nick United States

3/3/2009 1:07:55 AM #

Thanks, this was exactly what I needed!

John Dolan United States

3/10/2009 11:36:04 AM #


Awesome! Thanks to the OP. Worked like a charm...

It was def caused by an update I applied as the system worked fine without any errors up till a few days ago, and after the update I began to see the 2424's appearing.

Bill

BillM United States

5/25/2009 4:16:01 AM #

Hi,

I still can't find what username and password should i put? I tried my admin account, but when I click on "ok", the web page is refreshed, and only "error" is written on it. Can someone help?

I tried with two normal admins account...

Stephane Switzerland

Kindler Chase

Kindler Chase
This is SharePoint's world. I'm only living in it.

Your host, on the right, with my better half, Sadi.