WINLOGON.EXE or NWLSCRPT.EXE crashing in Windows Heap32Next call when LDAP Contextless Login enabled.

(Last modified: 27Feb2006)

This document (10096109) is provided subject to the disclaimer at the end of this document.


Novell Client 4.9 SP2 for Windows NT/2000/XP

Novell Client 4.91 for Windows 2000/XP

Microsoft Windows 2000

Microsoft Windows Server 2003

Microsoft Windows XP


WINLOGON.EXE or NWLSCRPT.EXE crashing in Windows Heap32Next call when LDAP Contextless Login enabled.

Application error in NWLSCRPT.EXE when login script runs.

After installing LGNCXW32.DLL dated 03Dec2004, all users logging into Terminal Servers received an application error in NWLSCRPT.EXE

Error: NWLSCRPT.EXE - Application Error.
The instruction "0x<address>" referenced memory at "0x<address>". The memory could not be "read". Click OK to terminate the program.

Login script runs then Terminal Server hangs. 

Desktop fails to load.

0xC000021A bugcheck (blue screen) due to WINLOGON.EXE crashing during login.


NWLSCRPT.EXE and/or WINLOGON.EXE crashes when the LDAPSSL.DLL library (the LDAP library being used by LDAP Contextless Login extension, LGNCXW32.DLL) is making calls into the Windows Heap32First and Heap32Next APIs to process an existing CreateToolhelp32Snapshot snapshot.
In Microsoft Knowledgebase article 836506, Microsoft documents an issue which results in Internet Explorer exhibiting a crash while calling Heap32Next (and ultimately dying inside RtlQueryProcessHeapInformation).  In this case of WINLOGON.EXE or NWLSCRPT.EXE crashing, the code calling Heap32Next is LDAPSSL.DLL instead of Internet Explorer.

Internet Explorer quits unexpectedly in Windows 2000

Note that the fix cited in KB836506 is actually in NTDLL.DLL (a core Windows component which implements CreateToolhelp32Snapshot and Heap32Next) and not an updated module for Internet Explorer.


The problem is resolved with an updated NTDLL.DLL for Windows.  For further information, please see the details below.

For Windows 2000, obtain the hotfix cited in Microsoft Knowledgebase article 836506 from Microsoft and apply it to the affected workstation(s).

For Windows XP, obtain the hotfix cited in Microsoft Knowledgebase article 899947 from Microsoft and apply it to the affected workstation(s).  Currently KB899947 is a non-published hotfix for Windows XP SP1 only.  Please contact Microsoft directly to receive this non-public update found in KB899947.  Additionally, the issue may be resolved in Windows XP SP2 altogether.  If it is not, please contact Microsoft technical support and reference KB899947 and KB836506.  Currently there are not any known internal or public fixes for Windows XP SP2.

For Windows Server 2003, apply Windows Server 2003 Service Pack 1 (SP1 released March 2005) from Microsoft.  The KB836506 issue is not currently documented as addressed in Server 2003 SP1, but the issue appears to be resolved (or at least greatly reduced, since the problem is no longer apparent) by customers who have applied Server 2003 SP1 in response to this issue.

Note there is also an additional issue, specific to the LDAP Contextless Login extension (LGNCXW32.DLL), that could also create the same symptoms described here.  This issue has been addressed in LGNCXW32.DLL dated 24MAY2005 or later.  This fix is already included in Novell Client 4.91 SP1 and later.


Document Title: WINLOGON.EXE or NWLSCRPT.EXE crashing in Windows Heap32Next call when LDAP Contextless Login enabled.
Document ID: 10096109
Solution ID: NOVL100421
Creation Date: 07Jan2005
Modified Date: 27Feb2006
Novell Product Class:Netware Client


The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.