When working with ShraePoint Shared Services of MOSS 2007, we ran into a strange error. The Shared Services run under a special service account, just as best practices recommend. Everything works fine, but when another SSP Administrator than the original creator of the SSP wants to configure search settings, he gets promptet for his user credentials, but in no way can get to the search settings (btw: this does sometimes also apply to the User Profiles pages).
Checking the event log, we've found this strange error, that occurs everytime the above is attempted:
Event Type: Error
Event Source: .NET Runtime Event
Category: None
Event ID: 1023
Date: 1/26/2007
Time: 10:01:42 AM
User: N/A
Computer: MHODEV7
Description: .NET Runtime version 2.0.50727.42 - Fatal Execution Engine Error (7A05E2B3) (80131506)
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
On the web, I found only one useful resource: http://blogs.msdn.com/jingmeili/archive/2007/02/26/search-usage-report-in-moss-ssp-admin-prompts-for-credentials-and-net-2-0-fatal-execution-engine-error-is-seen-in-the-event-log.aspx.
The strange reason: The service account under which the SSP application pool runs does not have a local profile...
Apparently, this is a bug in the .NET Framework and Microsoft appears to have it fixed in a Hotfix. However, I was never able to download the Hotfix, nor does it help me that it is written to be corrected in the SP1 of Visual Studio. I don't have Visual Studio installed in a production environment...
What remains as a workaround is simple (but not logical and against all best practices) enough: Just grant the service account the log on right for your SharePoint machine, log in once, take the right away again and enjoy a sharepoint environment without strange error messages and Access Denied messages.